How To Add Google Social Sign On To Amazon Cognito | Step by Step Tutorial
HTML-код
- Опубликовано: 3 июл 2024
- In this video, I walk you through how to set up Google Social Sign On with Amazon Cognito. I show you how to set up an Amazon Cognito Userpool, create a client application, configure your user pool, create your google application, and finally tie your cognito application to allow for Google Social Sign On. I walk you through every single setting in this step by step tutorial.
Looking to get hands on experience building on AWS with a REAL project? Check out my course - The AWS Learning Accelerator! courses.beabetterdev.com/cour...
Like the video? Check out the blog post for more details: beabetterdev.com/2021/08/16/h...
🎉SUPPORT BE A BETTER DEV🎉
Become a Patron: / beabetterdev
📚 MY RECOMMENDED READING LIST FOR SOFTWARE DEVELOPERS📚
Clean Code - amzn.to/37T7xdP
Clean Architecture - amzn.to/3sCEGCe
Head First Design Patterns - amzn.to/37WXAMy
Domain Driver Design - amzn.to/3aWSW2W
Code Complete - amzn.to/3ksQDrB
The Pragmatic Programmer - amzn.to/3uH4kaQ
Algorithms - amzn.to/3syvyP5
Working Effectively with Legacy Code - amzn.to/3kvMza7
Refactoring - amzn.to/3r6FQ8U
🎙 MY RECORDING EQUIPMENT 🎙
Shure SM58 Microphone - amzn.to/3r5Hrf9
Behringer UM2 Audio Interface - amzn.to/2MuEllM
XLR Cable - amzn.to/3uGyZFx
Acoustic Sound Absorbing Foam Panels - amzn.to/3ktIrY6
Desk Microphone Mount - amzn.to/3qXMVIO
Logitech C920s Webcam - amzn.to/303zGu9
Fujilm XS10 Camera - amzn.to/3uGa30E
Fujifilm XF 35mm F2 Lens - amzn.to/3rentPe
Neewer 2 Piece Studio Lights - amzn.to/3uyoa8p
💻 MY DESKTOP EQUIPMENT 💻
Dell 34 inch Ultrawide Monitor - amzn.to/2NJwph6
Autonomous ErgoChair 2 - bit.ly/2YzomEm
Autonomous SmartDesk 2 Standing Desk - bit.ly/2YzomEm
MX Master 3 Productivity Mouse - amzn.to/3aYwKVZ
Das Keyboard Prime 13 MX Brown Mechanical- amzn.to/3uH6VBF
Veikk A15 Drawing Tablet - amzn.to/3uBRWsN
🌎 Find me here:
Twitter - / beabetterdevv
Instagram - / beabetterdevv
Patreon - Donations help fund additional content - / beabetterdev
#SoftwareEngineer
#SoftwareDeveloper
Learn how to use a Cognito User pool to authenticate users via API Gateway! ruclips.net/video/oFSU6rhFETk/видео.html
Hi, how to redirect after social login successfully logged in and callback to Application activity?
I am struggling to get callback.
Thank you for that video, that was exactly what i was looking for!
You're very welcome Alex!
Oh my, this is by far the best video on how to integrate Cognito! I've done some long journey to your video and liked the way you explained it, sure I am subscribed after this nice job...
You're very welcome!
Thank you so much.
its a great video. thank you so much for sharing all these info !
You're very welcome!
awesome topic !!!!! thank you
You're very welcome!
It's a beautiful video, Its definitely underrated
Thank you so much!
Well explained, thanks
You're very welcome!
Dammit, man, thank you!!!
You're very welcome!
helpful
Amazing Video !
But, I want to know how to do the Sign Up, Login & other MFA if I already have a existing backend in AWS Cognito .
And have the below details of the existing backend :-
aws_cognito_identity_pool_id:
aws_cognito_region:
aws_user_pools_id:
aws_user_pools_web_client_id:
I hope this question will generate curiosity in you.
Please make a separate vdo on this topic
Dziękujemy.
Thank you so much for your generosity!
Please create video on AWS Kendra..
Great Video! I have the exact same setup for an application and I also want to use other services from the Google API such as profile or calendar of a user. Does the cognito session also include an access token to google API stuff? Problem is that I don't want to ask the user twice to log in to his google account to get access to the required resources. Or is asking the user again for the required scopes the only way to retrieve the access token for the google APIs?
Hi , is this configuration can I use custom application? Like php Laravel application
Beast
Can you please make a video on preventing multiple logins per user with Cognito? it's a lacking feature currently and people are struggling.
Hi Damian,
This is certainly something I can look into making a video on. Thanks for raising this topic!
Hello , how would be the way to go without relying at all in the hosted UI?
Thanks for the tutorial. How would you recommend setting up the callback url so that it is localhost during local development and your hosted site in production environments?
use ngrok or something while using localhost
How can we get refresh token?
I don't want to use hosted UI, please make a video on using your own UI with callbacks, as it's really confusing
hii, i am new with cognito, So i want to when you successful do login using above, is our data like email, name etc also gets stored in DynamoDB or not.
beacuse i have successfull done above stuff and also i am able to see user in user-pool, but that same data is not visable in DynamoDB.
thankuuu so much
How to do this for an Android app instead of a Web app?
I've been looking for this tutorial for a long time as in my company is currenty migrating its user base to a serverless solution using Cognito with Social Sign In + Trigger Lambdas. We ran into the question of what happens if a user signs up using an external IdP and later they sign up organically with username/password credentials. From what we've seen is that Cognito creates two user accounts with the same email that are not related to one another, which that's pretty confusing and could lead to potential errors for user data synchronization between accounts, specially when updating user attributes and with ID Token generations as they may not have the same claims.
Is there a way to link external users with native users or how should we handle this edge case?
Thank you!
Hey Gabriel,
Great question. This is a very similar topic to what I am currently researching for a project I'm working on.
So far, I've discovered a neat functionality called 'AdminLinkProviderForUser'. This API allows you to 'link' users together when they sign in using a SSO provider. I believe you would have to use some kind of Lambda hook that calls the API, perhaps at the 'Pre-Sign Up' and 'Pre-Authentication' points.
I haven't tried any of this myself, but looks to be the right way to go. I'll be trying it out in the coming weeks though. If you come up with another approach please email me - I'd love to know how you did it.
Link for AdminLinkProviderForUser - docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminLinkProviderForUser.html
Hope this helps and thanks for the question,
Daniel
Really awesome video tutorial. I'm still a bit confused with AWS Cognito pricing. It states the first 50,000 MAU (Monthly Access Users) is free, but it's unclear as to whether OAuth2 i.e. Google is also part of that free tier or whether there are additional charges. Would you know? Thank you.
Hi Ken, I believe social sign on providers are included in the 50,000. Hope this helps.
@@BeABetterDev Thank you
SAML is not included in the free limit
whys there no sign-up using google option?
why implicit grant rather than Authorization code grant? Aws doesn't recommend using Implicit Grant. Would love to see someone using Authorization code grant
Why wouldn't you use the Identity Pool instead of the User Pool, for so-called 'Identity', right (?). What's the difference?
So if I understand correctly, when you configure to 'federate' that is passing the providers (cognito user, google, etc) through the cognito identity pool anyway.
Just different facades, configuration, etc, for that process.
Hi Michael,
Identity Pools are a bit of a confusing concept in Cognito. The name is a misnomer - in fact, I recall being in an AWS talk where a engineer from the cognito team "wished they could have picked a different name for identity pool". That being said, Identity pools actually allow users to be granted IAM credentials for access to AWS services in your account after the authentication step (i.e. using your user pool). Hope this clears up the confusion.
Hey, The email of your user is marked as not verified. How do you managed to verify it? The hosted ui didn't prompt you to insert any code, nor cognito sent you an email with a code, like it normally does. I'm stuck!
Hi Giulio - Cognito should send you a confirmation email. Maybe try to check your spam folder?
you have to map email_verified as is name & given_name
I found the article really handy, thank you.
But I do have a HUGE issue, and you might have it too. First signup with google, creates the user in the pool and works fine. But if, on a different browser you try with the same google user to login, you get an ERROR: [redirect-url]?error_description=Invalid+user+attributes%3A+email%3A+Attribute+cannot+be+updated.%0A+&error=invalid_request
It seems to be caused by the fact that email is required.