Amazon Cognito Authentication and Authorization | Cognito User Pool & Identity Pool Explained
Amazon Cognito is an identity platform for web and mobile apps. Today we will understand important features of Cognito.
User pool - An Amazon Cognito user pool is a user directory. With a user pool, your users can sign in to your web or mobile app through Amazon Cognito, or federate through a third-party identity provider (IdP). An Amazon Cognito user pool can also be a standalone IdP. Amazon Cognito draws from the OpenID Connect (OIDC) standard to generate JWTs for authentication and authorization. When you sign in local users, your user pool is authoritative for those users.
These are the key features of a Cognito user pool.
1. Issue ID tokens to authenticate users.
2. Issue access tokens to authorize user access to APIs.
3. Sign up, manage, and authenticate users with the hosted UI.
4. Set up multi-factor authentication (MFA) for your users.
5. Secure against malicious activity and insecure passwords.
Identity pool - An identity pool issues AWS credentials for your app to serve resources to users. You can authenticate users with a trusted identity provider, like a user pool or a SAML 2.0 service. It can also optionally issue credentials for guest users. Identity pools use both role-based and attribute-based access control to manage your users’ authorization to access your AWS resources.
An identity pool supports the following:
1. Amazon Cognito user pool service provider - Exchange an ID token from your user pool for web identity credentials from AWS STS
2. SAML 2.0 Service provider - Exchange SAML assertions for web identity credentials from AWS STS
3. OIDC Service provider - Exchange OIDC tokens for web identity credentials from AWS STS
4. OAuth2 Service provider - Exchange OAuth tokens from Amazon, Facebook, Google, Apple, and Twitter for web identity credentials from AWS STS
5. Custom Service provider - With AWS credentials, exchange claims in any format for web identity credentials from AWS STS
6. Unauthenticated access - Issue limited-access web identity credentials from AWS STS without authentication
7. Role-based access control - Choose an IAM role for your authenticated user based on their claims, and configure your roles to only be assumed in the context of your identity pool
8. Attribute-based access control - Convert claims into principal tags for your AWS STS temporary session, and use IAM policies to filter resource access based on principal tags
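Added example (not from the video or from AWS): a Python check of an IAM role trust policy for the scoping that item 7 describes, where the role can be assumed only through one identity pool and only by authenticated identities. The pool ID and the sample policies are constructed; the helper names are hypothetical, and the aud and amr condition keys are the ones identity pool sessions carry.

```python
FEDERATED = "cognito-identity.amazonaws.com"
AUD_KEY = FEDERATED + ":aud"  # identity pool ID the session was issued for
AMR_KEY = FEDERATED + ":amr"  # "authenticated" or "unauthenticated"
POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"  # constructed placeholder

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _values(stmt, operators, key):
    """Values of one condition key under the given operators (case-insensitive)."""
    out = []
    for op, block in stmt.get("Condition", {}).items():
        if op.lower() in operators:
            for name, value in block.items():
                if name.lower() == key.lower():
                    out.extend(_as_list(value))
    return out

def audit_trust_policy(policy, pool_id, expect_amr="authenticated"):
    """Findings for a role that should be assumable only through pool_id."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        principal = stmt.get("Principal")
        # Only statements that trust the identity pool service are examined here.
        if stmt.get("Effect") != "Allow" or not isinstance(principal, dict):
            continue
        if FEDERATED not in _as_list(principal.get("Federated", [])):
            continue
        aud = _values(stmt, ("stringequals",), AUD_KEY)
        if not aud:
            findings.append(f"statement {i}: aud not pinned, any identity pool may assume this role")
        elif set(aud) != {pool_id}:
            findings.append(f"statement {i}: aud allows pools other than {pool_id}")
        amr = _values(stmt, ("foranyvalue:stringlike", "foranyvalue:stringequals"), AMR_KEY)
        if set(amr) != {expect_amr}:
            findings.append(f"statement {i}: amr is not restricted to '{expect_amr}'")
    return findings

def _trust(condition):  # builds a constructed sample trust policy
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": {"Federated": FEDERATED},
        "Action": "sts:AssumeRoleWithWebIdentity", "Condition": condition}]}

SCOPED = _trust({"StringEquals": {AUD_KEY: POOL_ID},
                 "ForAnyValue:StringLike": {AMR_KEY: "authenticated"}})
OPEN = _trust({})  # trusts the service but pins neither pool nor auth state
GUEST = _trust({"StringEquals": {AUD_KEY: POOL_ID},
                "ForAnyValue:StringLike": {AMR_KEY: "unauthenticated"}})
```

A role intended for guest access (item 6) passes when audited with expect_amr="unauthenticated"; the same policy attached to a role meant for signed-in users is reported.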
CodeOneDigest is a YouTube channel with videos on programming languages, cloud, and Docker container technology, in English and Hindi.