In this module, you configure Amazon Cognito for use as the authentication provider in your application. Amazon Cognito is a fully managed authentication provider that allows for user sign-up, verification, login, and more.
Amazon Cognito has two different components: user pools and identity pools. User pools are standard user directories where users sign in through Amazon Cognito or through a third-party identity, such as Facebook. After successful authentication, users receive tokens, such as access tokens or ID tokens, that can be used to access resources in the backend.
In contrast, identity pools provide a way for users to receive temporary AWS credentials for accessing AWS resources. This could be used to provide limited, direct access to an AWS Lambda function, an Amazon DynamoDB table, or other resources.
In this tutorial, you use Amazon Cognito user pools. You allow users to register via your application. After they’ve registered, they can login via a client to receive an ID token. This ID token can be passed as a header to your application to authenticate the user.
In the following steps below, you create an Amazon Cognito user pool. Then you create a client to access the user pool. Finally, you look at some example code to interact with the user pool.
Time to Complete Module: 10 Minutes
In this module, you created and configured an Amazon Cognito user pool and a client for the user pool. You also saw your utility functions that interact with your Amazon Cognito user pool for user registration, login, and verification.
In the next module, you deploy your backend application using serverless technologies like AWS Lambda and Amazon API Gateway.