OAuth 2.0 Device Authorization Grant feature in AWS Cognito

0

Hello,

We are trying to implement OAuth 2.0 Device Authorization Grant for our application using AWS Cognito. The specific flow we are looking for is the one specified in RFC 8628.

The Device Authorization Grant with Auth0 Identity Provider is being used in our application and this feature in Auth0 is conformant with RFC8628. Similarly, other Identity Providers also support the Device Authorization Grant conformant with RFC 8628 - for example, FusionAuth Identity Provider provides Device Authorization Grant conformant with RFC 8628 - Example Device Authorization Grant.

Since the Device Authorization Grant is an important part of our application, we are looking for the same in AWS Cognito. However, as per the blog - Implement OAuth 2.0 device grant flow by using Amazon Cognito and AWS Lambda, it appears that additional setup using AWS Lambda and AWS DynamoDB is required to achieve the Device Authorization Flow with Cognito.

Could you please help us understand whether Cognito natively supports OAuth 2.0 Device Authorization Grant conformant with RFC 8628 or the only way to implement it is by using the setup mentioned in Implement OAuth 2.0 device grant flow by using Amazon Cognito and AWS Lambda?

Pradhan
asked 6 months ago162 views
1 Answer
1
Accepted Answer

AWS Cognito does not natively support the OAuth 2.0 Device Authorization Grant as specified in RFC 8628. Instead, you can implement this functionality using a custom solution involving AWS Lambda, Amazon API Gateway, and Amazon DynamoDB, as detailed in an AWS blog post.

profile picture
EXPERT
answered 6 months ago
profile picture
EXPERT
reviewed 5 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions