I have never used AWS Cognito in any application, but I will be using it soon. Currently I am using Pow for handling authentication stuff in the web application. The documentation that I have read so far for AWS Cognito describes the tokens that we get from AWS after successfully authenticating the user, but I couldn’t figure out how to use those tokens in the forms for authenticating the user and managing their access.
I didn’t find much stuff on this topic either.
I am just looking for the flow for how to do that.
What kind of plugs do I need to add in the browser pipeline?
Where to store the tokens after the user has signed in?
How to pass them around?
Any thoughts or experience you could share would be much appreciated.
Unfortunately my experience is limited to the verification of tokens in the backend, so I might not be able to help much. Anyway, have you checked all the flows in Cognito’s documentation? I would also check how Phoenix handles sessions (mix phx.gen.auth — Phoenix v1.6.12). It might be the case that you won’t be storing tokens or passing them around. Instead, you would be using the token to create a session for your user, and then a session id in a cookie would be all you need.
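The flow suggested in the reply above (verify the Cognito token once on the backend, then rely on the Phoenix session cookie), as an added example that is not part of any post in this thread. It assumes the JOSE and Jason hex packages, an issuer of the form `https://cognito-idp.<region>.amazonaws.com/<user-pool-id>`, and a `jwks` map decoded from `<issuer>/.well-known/jwks.json` and cached elsewhere; the module name, function names and the `/login` path are hypothetical.

```elixir
# Added example, not code from the thread. Assumes the JOSE and Jason hex packages
# and that `jwks` is the decoded JSON from "<issuer>/.well-known/jwks.json",
# fetched and cached elsewhere. Module name, function names and "/login" are hypothetical.
defmodule MyAppWeb.CognitoSession do
  import Plug.Conn

  # Check signature (RS256 only), issuer, audience, token_use and expiry of an ID token.
  def verify_id_token(token, jwks, issuer, client_id) do
    with [header_b64, _payload, _sig] <- String.split(token, "."),
         {:ok, header_json} <- Base.url_decode64(header_b64, padding: false),
         {:ok, %{"kid" => kid}} <- Jason.decode(header_json),
         %{} = key <- Enum.find(jwks["keys"], &(&1["kid"] == kid)),
         {true, %JOSE.JWT{fields: claims}, _jws} <-
           JOSE.JWT.verify_strict(JOSE.JWK.from_map(key), ["RS256"], token),
         true <- claims_ok?(claims, issuer, client_id) do
      {:ok, claims}
    else
      _ -> {:error, :invalid_token}
    end
  rescue
    # Malformed input can make the decoders raise; treat it as an invalid token.
    _ -> {:error, :invalid_token}
  end

  defp claims_ok?(claims, issuer, client_id) do
    claims["iss"] == issuer and claims["aud"] == client_id and
      claims["token_use"] == "id" and is_integer(claims["exp"]) and
      claims["exp"] > System.system_time(:second)
  end

  # Call once after verify_id_token/4 succeeds: the browser keeps only the
  # session cookie, the Cognito tokens are not stored or passed around.
  def log_in(conn, claims) do
    conn
    |> configure_session(renew: true)
    |> clear_session()
    |> put_session(:user_id, claims["sub"])
  end

  # Function plug for protected routes in the :browser pipeline.
  def require_user(conn, _opts) do
    case get_session(conn, :user_id) do
      nil -> conn |> Phoenix.Controller.redirect(to: "/login") |> halt()
      user_id -> assign(conn, :current_user_id, user_id)
    end
  end
end
```

Pinning the allowed algorithm to RS256 and checking `token_use` keeps an access token, or a token signed with an unexpected algorithm, from being accepted in place of an ID token.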
We once used Cognito together with the Authenticate action in an ELB. It does not get easier.