eCloudtureeCloudture
  • Training
    • Cloud Map
    • Cloud Training
    • Cloud Certification
  • Career
    • University Cloud Seeding Program
  • Resource
    • Blog
    • Examinations Center
    • Venue Rental
  • eCloudture
    • About eCloudture
    • Sharing Story
    • Contact
  • chinese
    • Training
      • Cloud Map
      • Cloud Training
      • Cloud Certification
    • Career
      • University Cloud Seeding Program
    • Resource
      • Blog
      • Examinations Center
      • Venue Rental
    • eCloudture
      • About eCloudture
      • Sharing Story
      • Contact
    • chinese
    • Home
    • All Post
    • Create a user pool with AWS Cognito

    Create a user pool with AWS Cognito

    • Posted by Shelly Yu
    • Categories All Post, Foundation, Security
    • Date 08/08/2019
    • Comments 0 comment

    Overview

    Amazon Cognito not only lets you add user sign-up, authorization, sign-in, and access control to your web and mobile apps quickly and easily but also scales to millions of users. Moreover, your users can sign in through a third party such as Facebook, Amazon, or Google and enterprise identity providers via SAML 2.0.

    Two main components of Amazon Cognito are user pools and identity pools. User pools are user directories that provide sign-up and sign-in options for your app users. What’s more, it also recorded all the users from your Web or application. Identity pools enable you to grant your users access to other AWS services. You can use identity pools and user pools separately or together.

    Scenario

    With this lab, you will create your user pool use built-in webpages available for signing up and signing in your users. Amazon Cognito hosted UI is the foundation for other features such as the ability to sign in directly to your user poor thorough third party as well as through OpenID Connect(OIDC) and SAML identity providers.

    Step by Step

    Build a static web hosting

    You will set up static web hosting on S3.

    1. Download index.html.

    2. On the service menu, choose S3.

    3. Click create bucket and Create.

      • Bucket name: cognitoyourname.
    4. Type your bucket name in the field of Search for buckets, then choose your bucket.

    1. Click upload, select index.html and upload.

    2. Choose Permissions tab and public access settings.

      • edit and unclick four option and save.

    1. Enter confirm in the field and Confirm.

    2. Select your index.html and click tab Permissions.

      • Select everyone and Read Object and save.


    9. Return to the previous page.

    1. Select Properties tab and choose static website hosting.

    1. Select Use this bucket to host a website, input index.html and save.

    Adding an App client

    Create a client pool to log in your website.

    1. Under Service menu, choose Cognito.

    2. Choose left one Manage User Pools and Create a user pool storing user’s information.

    3. Enter UserPool_yourname for Pool name and click Step through settings.

    4. On the left panel, choose App clients and click add an app client.

    5. Enter myclient_yourname on App client name, unclick Generate client secret and create.

    6. Click Return to pool details and click Create pool.

    7. On Enabled Identity Providers click Select All.

    8. Enter S3 bucket's Object URL in Callback URL(s)

      • Go to S3 console and select your bucket and click index.html and copy Object URL.

    9. Click Save changes and Choose domain name.

    10. Enter yourname in your domain name or webpages you are willing to protect and click check availability to make sure your name is usable and Save changes.

    Test your website

    Login to your webpage

    Log in to your web using AWS Cognito.

    1. Open a new tab, enter
      
    https://<your domain>/login?response_type=code&client_id=<your_app_client_id>&redirect_uri=<your_callback_url>
    

    You can find your_domain on the left panel App integration and click Domain name.

    You can find your_app_cleient_id, your_callback_url on the left panel App integration and click App client setting.

    For example:

    https://yourname.auth.yourregion.amazoncognito.com/login?response_type=token&client_id=1234xxxxxx123xxxx78x93x80x&redirect_uri=https://s3.amazonaws.com/yourbucketname/index.html
    
    1. You can log in or register.

    1. Sign up for an account.

    1. Receive a verification email.

    1. Login to your webpage sees this webpage.

    1. Back to Cognito, you can check the account you registered.

    Furthermore

    User Pools

    A user pool is a user directory in Amazon Cognito. Your users can sign in to your web or mobile app through Amazon Cognito, or federate through a third-party identity provider (IdP). No matter which one user chooses to log in, you can see all the member information in your AWS Cognito.

    Identity Pools

    With an identity pool, your users can obtain temporary AWS credentials to access AWS services, such as Amazon S3 and DynamoDB. I

    Conclusion

    You have learned how to write a login webpages with AWS Cognito. You can log in to webpages and register a new account. All the information will show on the AWS Cognito user pool.

    Now you can try to create your own login webpages or application with AWS Cognito. Authentication, authorization, and user management for your web and mobile apps become a more and more important issue. Therefore, you should try AWS Cognito to protect your webpages.

    Reference

    1. AWS Cognito : here

    2. AWS Cognito document: here

    Tag:Amazon S3, AWS, AWS Cognito, Dynamo DB

    • Share:
    Shelly Yu

    Previous post

    AWS Read-Replica RDS Database
    08/08/2019

    Next post

    Getting started with Docker container in AWS Cloud9
    08/08/2019

    You may also like

    reInvent_facebook_post_werner_Eng
    AWS re:Invent 2021 – Werner Vogels Keynote
    6 December, 2021
    reInvent-Adam-Eng_工作區域 1
    AWS re:Invent 2021 – Adam Selipsky Keynote
    1 December, 2021
    shutterstock_134102588
    AutoScaling – Health check v.s. Status Check
    25 November, 2021

    Leave A Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    搜尋文章

    Categories

    • AI/ML
    • All Post
    • AWS re:Invent
    • Big Data
    • Container
    • Foundation
    • News
    • Security
    • Serverless
    Phone : +886 2 22801777
    Mail : info@ecloudture.com

    Training

    • Cloud Training
    • Cloud Map
    • Cloud Certification

    Talent

    • University Cloud Seeding Program

    Resource

    • Blog
    • Examinations Center
    • Venue Rental

    eCloudture

    • About eCloudture
    • Sharing Story
    • Contact

    • Privacy
    • Terms
    • Sitemap