Much like AWS provides hosted UI for sign-up/in for Cognito, does there exist an app to modify user-profiles stored in Cognito?
I am looking for either hosted service or a GitHub project I can host myself.
The closest I found so far is https://github.com/MetaMetricsInc/django-warrant. It allows to get Django-app up and running, which uses Cognito as auth back-end and has profile-views. But it's not designed to be integrated into other apps (no AWS UI's like redirect-destination).
Related
I want to be able to remember a user's device using Amplify's hosted UI with React. I set up MFA as required in the user pool. In "devices" I set Do you want to remember your user's devices? to "User-Opt In" and Do you want to use a remembered device to suppress the second factor during multi-factor authentication (MFA)? to "Yes". In the React side I'm using the withAuthenticator HOC.
The problem is when I login, I get redirected to the confirm sms code page without the application or amplifying remembering the device. Also if I look at the device in the user pool, it has the status: note_remembered.
Is there any way to configure this through the hosted Amplify UI and if not how would I do it programatically?
I looked through all the docs and don't see anything even though this seems like a pretty ubiquitous use case.
It has been a while since I developed an Authentication Engine using Amplify. After going through the official Amplify Auth documentation and several Github threads, I was unable to find any API or technique to implement Cognito's Device remember feature.
In this case, I would recommend using a hybrid approach and using the GetDevice, ConfirmDevice, and UpdateDeviceStatus API calls in the native AWS JavaScript SDK, as the functionality is completely supported there.
Apropos which, Amplify is lacking a lot of imperative Cognito features, and I would implore you to raise a support request with the concerned AWS team.
Not sure how to go about doing this; I'm not looking for B2C, I don't want my users to sign in. I just want my Xamarin app to be able to access an Azure AAD protected API. In other words, I want to authenticate the app itself with the Azure Active Directory, to access an Azure AAD protected API. From what I've found on the internets, service principal to service principal auth is discouraged when using mobile apps and I've not really found a way to do it service to service anyhow.
Any suggestions on how to properly do this? Links with tutorials would be great.
Thanks!
Azure does provide the ability to generate a client ID which you could have sent from your application and checked. Microsoft talk about this in this article. You will want to be careful with how you store this ID in your app as if someone were to steal this they would be able to access your API. Along with that you'd also want to make sure that your connection between your app and server is secured with a pinned SSL certificate so it cannot be man-in-the-middle'd.
Another interesting approach is software attestation where some service checks various aspects of your app to ensure that it is your app. Full disclosure, I work for a company which does this. See Approov. We take a fingerprint of your app and our SAAS checks that this matches at run time. We then issue a token which your app can use to prove that it is the real app.
I just successfully went through the Cognito setup through AWS console, which is a manual process. I wanted to code it up next, i.e.,
I wanted to setup and configure my Cognito with Cloudformation config file AWS AWS::Cognito::UserPool. However, I don't see a field that define the open id connect providers (i.e, the Facebook and Google as identity provider).
Is there a way to do so?
I am on the Cognito team and this is not possible at this point. However, it is on our roadmap to bring CloudFormation support up to speed to all the features we have launched recently.
I am looking at Mobile backend service providers and trying some sample development.
I have looked at feedhenry, parse etc. I came across Amazon Cognito as well. Looks, "AWS Cognito + Mobile SDK" supports MBaaS predominantly.
Could someone advise me to start trying MBaaS with AWS Cognito?
A cognito dev guide can be found here: http://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html
Also here is a sample app: https://github.com/awslabs/aws-sdk-ios-samples/tree/developer-authenticated-identities-2-4/CognitoSync-Sample
You will likely want to integrate with API Gateway to create your backend APIs- http://docs.aws.amazon.com/apigateway/latest/developerguide/welcome.html
I am trying to host a HTML/JS based app on AWS. I need to implement a signup/login feature for this app, now I understand I'll have to have a database (mysql will work?) here. However is there an off-the-shelf way of implementing something like user sign-up for an app on AWS? I don't want to take care of numerous security and authentication scenarios my self.
The AWS SDK for Browser is made for this: https://aws.amazon.com/sdk-for-browser/
Social Login
Secure your web app's access to AWS resources without any server-side
code. AWS SDK for JavaScript makes it easy for you to integrate with
Amazon Cognito, which allows you to provide customizable levels of API
access to unauthenticated and authenticated users. Amazon Cognito is
easy to set up with Facebook, Google, Login with Amazon, and any
OpenID Connect identity provider. To learn how to do this, visit the
AWS JavaScript Development Blog.