Greetings,
I have issues understanding how to secure the front-end deployed on Amplify web application using the Cognito service. and i tried the following: https://docs.amplify.aws/lib/auth/getting-started/q/platform/js/#enable-sign-up-sign-in-and-sign-out
Web application background:
The framework used is SAPUI5 tooling where the web application is built into a distribution folder. SAPUI5 tooling is based on node js application.
Locally the framework runs on express server and if i follow the guide for manual authentication https://docs.amplify.aws/lib/auth/emailpassword/q/platform/js/ it works just fine locally.
Deploying it to amplify it no longer works, and as far as i understood this is because it not supported.
Expected behavior / end-result
What i am expecting is that when you do amplify auth add and provide a user the front end UI portion would be protected no matter the URL used. And a login screen is provided before moving on to the main application
Questions:
- is amplify auth add only used to secure the back-end API resources? (looks like to be the case)
1-1 If amplify auth is only used for back-end then does this mean the web application itself needs to contain the login flow somehow without a server to prevent access and redirects?