Integration with AWS Cognito

Hello,

We are using AWS to host our application, we’ve added our services to the AWS API Gateway and we were thinking of using AWS Cognito Pools for authenticating the users.
So my questions are:

1. Is it possible to integrate the application authorization with AWS Cognito?
2. If the first step is possible, will this be considered as custom provider?

We’ll be glad to know your suggestions.
Regards.

Hi,
Unfortunately, we don’t have experience with AWS Cognito. At the first glance, you can implement your own CubaAuthProvider ([url=https://doc.cuba-platform.com/manual-6.5/ldap.html]https://doc.cuba-platform.com/manual-6.5/ldap.html[/url]) and use it the same way we implement LDAP authentication: [url=https://doc.cuba-platform.com/manual-6.5/ldap_basic.html]https://doc.cuba-platform.com/manual-6.5/ldap_basic.html[/url] See com.haulmont.cuba.web.auth.LdapAuthProvider as an example of a simple authentication with user/password using an external system.

Hi,

is that still the way to go when it comes to AWS cognito? I have seen a couple of improvements have been made on the CUBA side but also on the Cognito side.

It seems multiple new mechanisms in CUBA have been established:

• Web Login - CUBA Platform. Developer’s Manual
• Login - CUBA Platform. Developer’s Manual
• https://www.cuba-platform.com/guides/anonymous-access-and-social-login

Also there is the new SAML addon as well as the already established LDAP addon.

With so many options what would be the preferred way of solving one of the following integration scenarios with Cognito:

• Regular username & password authentication
• OAuth webflow (see guide)
• SSO

Perhaps someone has some insights on how a cognito based authentication backend could be implemented.

Cheers
Mario