Cognito: How to retrieve federated identity token from 3rd party idp

0

I’ve set up an identity pool and configured a Google IdP to be able to federate logins using Google credentials. One of the goals of the software I’m building is to integrate with Google APIs to perform integrated functions on behalf of the user with Google services. However, everything I’ve read and all my testing has led me to believe that after Google redirects back to Cognito, it takes the Google token and authors its own, and the federated token is discarded and not retrievable. Ideally, I’d like to store the federated Google token inside a claim of the Cognito token itself.

Is there something I am missing, perhaps another path I’ve overlooked, or do I need to look at another product because Cognito doesn’t support my use case?

1 Answer
0
Accepted Answer

If you want access to the federated tokens then you have to build your own OAuth flow UI and leverage the Cognito SDK in your API. Definitely not a nice out-of-the-box solution, as it meant I had to discard using the Hosted UI and ROYO my own with the Cognito SDK driving it. However, the fact that the SDK was available was the solution to my scenario. https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-cognito-identity-provider/index.html

answered 2 years ago
