About changing the scope of the OAuth Scope for Client Credentials grant and the suggestion of implementation for Authorization Code Grant flow without using hosted UI

Hello, We are now facing an issue about the scope of "aws.cognito.signin.user.admin" after using initiateAuth method for signing in to Cognito, as we found this scope has given a lot of API actions when the user gain the token. For the condition of using initialAuth() method from Cognito with USER_PASSWORD_AUTH and Client Credentials grant flow, any possible solution to change the scope? And if Authorization Code Grant flow is needed to be selected in order to switch to other possible scopes, is it possible for not using the hosted UI as the login form and retain the initialAuth() method with USER_PASSWORD_AUTH and applying the new grant flow? Thanks.

Regards, Jimmy Shum

Topics

Security, Identity, & Compliance

Relevant content

Authorization code flow with custom UI and Cognito
Accepted Answer
sasajankovic
asked 3 years ago
Getting an error logging in with IdP in authorization code grant flow
jpulse
asked 4 years ago
About the grant type for the USER_SRP_AUTH in AWS Cognito
jimmysyw
asked a year ago
OAUTH Password Grant Type with Cognito
AWS-User-6083653
asked 2 years ago
How can I get custom scopes in the access token when I make an InitiateAuth or AdminInitiateAuth API call?
AWS OFFICIALUpdated 3 months ago
How do I configure the hosted web UI for Amazon Cognito?
AWS OFFICIALUpdated 2 years ago
How do I change the attributes of an Amazon Cognito user pool after creation?
AWS OFFICIALUpdated 8 days ago
How do I authorize access to API Gateway APIs using custom scopes in Amazon Cognito?
AWS OFFICIALUpdated a year ago
The Advantages of Using VMware Cloud on AWS for Your Business
EXPERT
Sedat Salman
published 10 months ago
Unlocking the Secrets of AWS Identity and Access Management
EXPERT
Giovanni Lauria
published 2 months ago