Cognito authentication with no keys

0

I'm in a fairly unique situation ( I think ). I'm trying to use Cognito to authenticate users to get an access token so I can make API calls to a third party's cloud database, BUT the only info I have is region, client ID, userpool ID, username and password. The users in this pool are managed by the third party who are using Cognito as their IdP. For various reasons I need to do this using PHP. I have looked through a ton of documentation and everything I see indicates that I need valid access and secret key to make the necessary calls. So, my question is: Is it possible to generate an access token with the info I have?

已提问 5 个月前329 查看次数
1 回答
0

It sounds like they may be using a Public client in Amazon Cognito, see App Client Types, in which case you can initiate the authorization flow with just the client ID.

The details of implementing authorization code flow can be found in the Open ID Connect (OIDC) Authorization Code Flow documentation. Typically you would use an (OIDC) library to handle the authentication flow, I don't have a personal recommendation for PHP.

One thing to note - typically you would use a Confidential Client for a server side application like PHP. Is it possible to ask them to create you a Confidential client instead of a Public client? In that case they would provide you with the same information, but also provide a client secret which you would add to the request in the auth flow.

AWS
已回答 4 个月前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则