OAuth 2.0 Device Authorization Grant feature in AWS Cognito

0

Hello,

We are trying to implement OAuth 2.0 Device Authorization Grant for our application using AWS Cognito. The specific flow we are looking for is the one specified in RFC 8628.

The Device Authorization Grant with Auth0 Identity Provider is being used in our application and this feature in Auth0 is conformant with RFC8628. Similarly, other Identity Providers also support the Device Authorization Grant conformant with RFC 8628 - for example, FusionAuth Identity Provider provides Device Authorization Grant conformant with RFC 8628 - Example Device Authorization Grant.

Since the Device Authorization Grant is an important part of our application, we are looking for the same in AWS Cognito. However, as per the blog - Implement OAuth 2.0 device grant flow by using Amazon Cognito and AWS Lambda, it appears that additional setup using AWS Lambda and AWS DynamoDB is required to achieve the Device Authorization Flow with Cognito.

Could you please help us understand whether Cognito natively supports OAuth 2.0 Device Authorization Grant conformant with RFC 8628 or the only way to implement it is by using the setup mentioned in Implement OAuth 2.0 device grant flow by using Amazon Cognito and AWS Lambda?

posta 6 mesi fa183 visualizzazioni
1 Risposta
1
Risposta accettata

AWS Cognito does not natively support the OAuth 2.0 Device Authorization Grant as specified in RFC 8628. Instead, you can implement this functionality using a custom solution involving AWS Lambda, Amazon API Gateway, and Amazon DynamoDB, as detailed in an AWS blog post.

profile picture
ESPERTO
con risposta 6 mesi fa
profile picture
ESPERTO
verificato 5 mesi fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande