We are creating an iOS / android application with a web portal (angular) (for management purposes). The backend API will be created using Java, as the web portal can have different types of users, which I was thinking about using Spring Security.
I was thinking of using my backend services to authenticate the user using AWS Cognito. I do not want to integrate iOS / Andorid / Web directly with AWS Cognito, as in the future we may need to switch to other providers.
I'm not sure if this is possible or not, but I was thinking of something like this: 1. Registering the API: iOS / Android / Web (with a role) calls my internal service using email and password. The backend service registers the user using AWS Cognito. AWS Cognito will return the identifier for this user and the same identifier that I will use in my local db to create the b / w link user and roles and other tables. The backend service will return a json response to the client (iOS / Android and web), indicating that the user is created.
Login API: iOS / Android / Web (with role) calls my internal service using email and password. The backend service sends the AWS Cognito email address and password. If the user is available, AWS Coginto returns a token (with expiration) that is passed to the client (iOS / Andorid / Web) through the backend service, and if it is unavailable, it throws an exception.
Get the user API: as soon as the user logs in, iOS / Android / Web (with the role) will call my backend service using a token (selected from the Login API). The backend service confirmed the token using AWS Cognito. If the token is valid, AWS Cognito returns user information, as well as the email address and identifier, to identify the user in my local db.
API: Get User Info, .. (iOS/Andorid/Web) - , AWS Cognito.
API . API .
AWS Cognito, , . , - , AWS Cognito , , .
, !