By using AWS re:Post, you agree to the AWS re:Post Terms of Use

why amplify add auth generate two app clients ?

0

When creating a new Amplify application with Cognito auth using pushing, two app clients are in Cognito. and both clients only had an ID and did not have a secret. why?

I am using Amplify Add Auth Command.

1 Answer
0

Hello,

I hope you're doing well.

Thank you for reaching out to us with your concern.

I understand that you have two app clients in your Cognito with no secrets.

Basically, when you create an app client in Amazon Cognito, you can pre-populate options based on the standard OAuth client types public client and confidential client. For detailed information, please refer to [1] in the reference section below.

When you create a new Amplify application with Cognito auth using the Amplify CLI's amplify add auth command, it sets up two app clients by default to support different authentication flows. One is for the client-side (mobile app), and the other is for server-side (backend).

The client-side app client is the one you'll use in your front-end code, and it typically does not have a client secret. The client secret is used for server-to-server authentication, which is a native app client. In your case, you need to have two app clients:

“Web app client” – an app client without a client secret “Native app client” – an app client with a client secret

For more information on how to Use existing Cognito resources for your Amplify API, please refer to [2] in the reference section below.

To conclude, please make sure your Cognito User Pool has at least two app clients with the following configuration:

one app client without a client secret one app client with a client secret

Reference

[1] https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html [2] https://aws.amazon.com/blogs/mobile/use-existing-cognito-resources-for-your-amplify-api-storage-and-more/

AWS
answered a year ago
  • individual thanks for sharing your response Namitha_D! It's helped me to understand the concepts. but I doubt what you mentioned one app client without a client secret and one app client with a client secret. in my Cognito user pool, both clients have no secrets.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions