Validate Amazon SessionToken Cognito

0 votes

From the implementation I've seen it usually uses S3 as an example resource it tries to access. In my case, I just want to know if the credential provided is valid.

mobile sends username / password -> developer server authenticates and generates openIdToken (GetOpenIdTokenForDeveloperIdentity)

mobile sends openId token -> developer server get credentials (accessKeyId, secretAccessKey, sessionToken) with AssumeRoleWithWebIdentity

mobile sends accesskey accessSecret and sessionToken to server -> 
How do I validate if the credentials are correct?

Nov 14, 2018 in AWS by Jino
• 5,820 points

1 answer to this question.

0 votes

You can use it as an OAuth token provider. 

I am using Amazon STS to manage generating the token and their validity similar to how facebook and google.

answered Nov 14, 2018 by Theodor
• 740 points

Related Questions In AWS

0 votes
1 answer

Why amazon cognito authorizer works just as authenticator not as an authorizer?

Because it is an authenticator. Naming it as ...READ MORE

answered Sep 3, 2018 in AWS by Priyaj
• 58,140 points
0 votes
1 answer

Custom authorizer vs Cognito - authentication for amazon api gateway - Web application

okay, authentication and security is indeed hard ...READ MORE

answered Sep 24, 2018 in AWS by Priyaj
• 58,140 points
0 votes
1 answer

Validate a jwt token from cognito

Here is a documentation on how to ...READ MORE

answered Oct 31, 2018 in AWS by Priyaj
• 58,140 points
+4 votes
5 answers

Usage of Amazon Cloudfront or S3

When to use S3? S3 is like many ...READ MORE

answered Apr 3, 2018 in AWS by brat_1
• 7,200 points
+3 votes
3 answers

Terraform AWS Cognito App Client

This feature is not currently supported by ...READ MORE

answered Aug 28, 2018 in AWS by eatcodesleeprepeat
• 4,790 points
0 votes
1 answer
0 votes
1 answer
0 votes
1 answer