AWS Cognito, Lambda, user credentials in DynamoDB

Question

AWS Cognito, Lambda, user credentials in DynamoDB

I installed the authentication flow with Facebook Login and AWS Cognito on the client site. Works great. But now I need a user link with facebook id in dynambodb table. Of course, I could just call the AWS lambda function opened through the AWS API gateway, but how can I verify that the API call does have a valid facebook id and that this facebook id matches the AWS Cognito id. Maybe I missed something here, I hope you guys can point me in the right direction;) thanks!

+4

facebook amazon-web-services aws-lambda amazon-cognito

user1990524 Feb 01 '16 at 21:19

source share

2 answers

( AWS, , ):

API- API /fblogin, POST Facebook- ( Facebook , ). : fb_login.
fb_login Amazon Cognito, . Federated Identity Cognito . , API , . , Cognito IdentityId Credentials. /fblogin.
, , API API- ( SDK SDK API ). API CORS AWS_IAM. , API Gateway , . $context.identity.cognitoIdentityId, . , , .

. , /fblogin HTTPS, FB Access . , HTTP.

, Dynamo DB CognitoID - FacebookID. 2 , -, .

+1

inblueswithu 17 . '16 18:21

behrooziAWS · Accepted Answer · 2016-02-01T21:59:52+0000

If you can enter your ddb table using the cognito identifier instead of the facebook id, you can call the api gateway with the cognito credentials. If you use credentials when calling lambda, you can access the cognito identifier through a token $context.identity.cognitoIdentityId. This ensures that the call has been made by the owner of this identifier. You can also check that $context.identity.cognitoAuthenticationProvider- graph.facebook.comto ensure that they complete through Facebook. Unfortunately, the facebook id is not passed in the credentials, so if you need it, you will need a lookup table matching the cognito identifier with the facebook id. For more information on the available tokens, see here .

AWS Cognito, Lambda, user credentials in DynamoDB

More articles: