Google Login Integration with Cognito & API Gateway

Question

Google Login Integration with Cognito & API Gateway

I want to integrate Google Login (not Google+ provided by Cognito, I don't want users to be Google+ users) with Cognito and API Gateway.

Am I on the right track?

I added account.google.com

Cognito Federated Identities to the pool.

After logging in:

AWS.config.region = "ap-northeast-2"
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityPoolId: 'ap-northeast-2:31cc246c-bd2e-46ee-91da-2b8eefcf0745',
    Logins: {
      "accounts.google.com": googleUser.getAuthResponse().id_token
    }
})

Am I on the right track? But just with this I don't have a cognito token?

I think I need to follow one of the docs streams . But what?

Am I just using Enchanced (Simplified)? And name GetId

and GetCredentialsForIdentity

? But I even need to GetId

. Think I only need a token?

Any examples or guidelines? I don't want to just work roughly but don't understand what use case for each thread ... can someone help explain?

+3

amazon-web-services amazon-cognito

Jiew meng May 20 '17 at 7:44

source to share

1 answer

David Kelley · Answer 1 · 2017-05-21T11:13:46+0000

By configuring AWS.config.credentials

, you effectively set up a credential object used to automatically obtain the AWS Access Key ID and Secret Access Key.

CognitoIdentityCredentials

( see here ) the object sets them up for you when you try to call any other AWS library like S3. If you need access to the keys themselves, call either AWS.config.credentials.refresh()

( refresh ) or AWS.config.credentials.get()

, and inside the callback, you can access AWS.config.credentials.secretAccessKey

( secretAccessKey ), etc.

Finally, if you want to get an Open ID token using a federated identity to use in a similar fashion for Cognito User Pools - as far as I know, this is not currently possible. The closest you can get is GetOpenIdToken .

Google Login Integration with Cognito & API Gateway

More articles: