What is Amazon Cognito?

Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. Your application users can sign in directly with a username and password, or through a third party such as Facebook, Amazon, Google, or Apple.

The two main components of Amazon Cognito are user pools and identity pools. User pools are user directories that provide sign-up and sign-in options for your app users. Identity pools enable you to grant your users access to other AWS services. You can use identity pools and user pools separately or together.

Components of Amazon Cognito

User pools

A user pool is a user directory in Amazon Cognito. With a user pool, your users can sign in to your web or mobile app through Amazon Cognito, or federate through a third-party identity provider (IdP). Whether your users sign in directly or through a third party, all members of the user pool have a directory profile that you can access through an SDK.

User pools provide the following features:

  • Sign-up and sign-in services.
  • A built-in, customizable web UI to sign in users.
  • Social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple, and through SAML and OIDC identity providers from your user pool.
  • User directory management and user profiles.
  • Security features such as multi-factor authentication (MFA), checks for compromised credentials, account takeover protection, and phone and email verification.
  • User migration through AWS Lambda triggers.

Identity pools

With an identity pool, your users can obtain temporary AWS credentials to access AWS services, such as Amazon S3 and DynamoDB. Identity pools support anonymous guest users, as well as the following identity providers that you can use to authenticate users for identity pools:

  • Amazon Cognito user pools
  • Social sign-in with Facebook, Google, Login with Amazon, and Sign in with Apple
  • OpenID Connect (OIDC) providers
  • SAML identity providers
  • Developer authenticated identities

To save user profile information, your identity pool needs to be integrated with a user pool.
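
The sketch below shows a user pool and an identity pool used together: an ID token from a user pool sign-in is exchanged for temporary AWS credentials that carry only the permissions of the IAM role attached to the identity pool. It is an added example, not code from the original article; it assumes the AWS SDK for Java v1, and the class name, the `exchange` helper and the region, identity pool ID and user pool ID placeholders are hypothetical.

```java
import java.util.Collections;
import java.util.Map;

import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AnonymousAWSCredentials;
import com.amazonaws.auth.BasicSessionCredentials;
import com.amazonaws.services.cognitoidentity.AmazonCognitoIdentity;
import com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClientBuilder;
import com.amazonaws.services.cognitoidentity.model.Credentials;
import com.amazonaws.services.cognitoidentity.model.GetCredentialsForIdentityRequest;
import com.amazonaws.services.cognitoidentity.model.GetIdRequest;

public class CognitoTemporaryCredentials {

    // Placeholders (assumptions): replace with your own values.
    static final String REGION = "<region>";
    static final String IDENTITY_POOL_ID = "<identity-pool-id>";
    static final String USER_POOL_ID = "<user-pool-id>";

    /** Exchanges a user pool ID token for temporary, role-scoped AWS credentials. */
    static BasicSessionCredentials exchange(String idToken) {
        // GetId and GetCredentialsForIdentity are unsigned calls, so the app ships no AWS keys.
        AmazonCognitoIdentity identity = AmazonCognitoIdentityClientBuilder.standard()
                .withRegion(REGION)
                .withCredentials(new AWSStaticCredentialsProvider(new AnonymousAWSCredentials()))
                .build();

        // The login key names the user pool as the identity provider for this token.
        Map<String, String> logins = Collections.singletonMap(
                "cognito-idp." + REGION + ".amazonaws.com/" + USER_POOL_ID, idToken);

        String identityId = identity.getId(new GetIdRequest()
                .withIdentityPoolId(IDENTITY_POOL_ID)
                .withLogins(logins)).getIdentityId();

        Credentials c = identity.getCredentialsForIdentity(new GetCredentialsForIdentityRequest()
                .withIdentityId(identityId)
                .withLogins(logins)).getCredentials();

        // The credentials are short-lived; callers must refresh them after this time.
        System.out.println("Temporary credentials expire at " + c.getExpiration());
        return new BasicSessionCredentials(c.getAccessKeyId(), c.getSecretKey(), c.getSessionToken());
    }

    public static void main(String[] args) {
        // args[0]: ID token returned by a user pool sign-in (sign-in itself is not shown).
        exchange(args[0]);
    }
}
```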


Get list of all Amazon Cognito users using Java

Using the ListUsersRequest and ListUsersResult classes, we can get users from Amazon Cognito.

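    import java.util.ArrayList;
    import java.util.List;

    import com.amazonaws.auth.BasicAWSCredentials;
    import com.amazonaws.regions.RegionUtils;
    import com.amazonaws.services.cognitoidp.AWSCognitoIdentityProviderClient;
    import com.amazonaws.services.cognitoidp.model.ListUsersRequest;
    import com.amazonaws.services.cognitoidp.model.ListUsersResult;
    import com.amazonaws.services.cognitoidp.model.TooManyRequestsException;
    import com.amazonaws.services.cognitoidp.model.UserType;

    public class AWSCognitoGetUsers {

        // Placeholders. Do not commit real keys to source control; prefer the
        // SDK's default credential provider chain (environment, profile or role).
        static final String AWS_ACCESS_KEY = "";
        static final String AWS_SECRET_KEY = "";
        static final String AWS_USER_POOL_ID = "";
        static final String USER_POOL_REGION = "";

        public static void main(String[] args) throws InterruptedException {
            int perRequestUserLimit = 30; // max is 60
            List<UserType> usersList = new ArrayList<>();

            AWSCognitoIdentityProviderClient identityProviderClient = new AWSCognitoIdentityProviderClient(
                    new BasicAWSCredentials(AWS_ACCESS_KEY, AWS_SECRET_KEY));
            identityProviderClient.setRegion(RegionUtils.getRegion(USER_POOL_REGION));

            // ...some code omitted

            ListUsersRequest listUsersRequest = new ListUsersRequest();
            listUsersRequest.withUserPoolId(AWS_USER_POOL_ID);
            listUsersRequest.setLimit(perRequestUserLimit);
            // Filter values must be quoted; remove this line to return every user.
            listUsersRequest.withFilter("sub = \"xyz\"");

            // get ListUsersResult
            ListUsersResult result = identityProviderClient.listUsers(listUsersRequest);
            usersList.addAll(result.getUsers());

            while (result.getPaginationToken() != null) {
                try {
                    listUsersRequest.setPaginationToken(result.getPaginationToken());
                    result = identityProviderClient.listUsers(listUsersRequest);
                    usersList.addAll(result.getUsers());
                } catch (TooManyRequestsException e) {
                    // Throttled: wait, then retry the same page
                    Thread.sleep(1000);
                }
            }
        }
    }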

In this article, we have seen what Amazon Cognito is, its features, and how to get the list of all Amazon Cognito users using Java.