AWS Cognito令牌类型 [英] AWS Cognito token types
本文介绍了AWS Cognito令牌类型的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试设置Cognito,但我无法理解以下三种类型的令牌之间的区别:
I'm trying to setup Cognito and I'm having trouble understanding the differences between the following three types of tokens:
- 令牌(由 getOpenIdTokenForDeveloperIdentity 返回)
- SessionToken(由 getCredentialsForIdentity )
- SyncSessionToken(由 listRecords )
- Token (returned by getOpenIdTokenForDeveloperIdentity)
- SessionToken (returned by getCredentialsForIdentity)
- SyncSessionToken (returned by listRecords)
这些令牌以哪种方式关联/不同?
In which way are these tokens related/different ?
推荐答案
下面简要介绍了您所讨论的3个标记。我将尽可能将您链接到更详细的文档。
Here is a brief description of the 3 tokens that you talked about. I will try to link you to more detailed documentation where ever possible.
- 令牌:这是一个OpendId Connect由Cognito Identity发行的兼容ID令牌,以经过签名和可验证的方式声明用户身份。将此令牌视为数字身份卡,客户端可以使用该数字身份卡来验证用户身份。您可以参考认知API文档,以获取有关如何获取此令牌的详细信息和本文档以了解有关如何验证此令牌为
- SessionToken :此令牌由服务发布,作为用户AWS会话的描述符以及临时AWS凭证。 Cognito代表您呼叫STS,并返回返回的临时凭证。在使用已发布的临时凭证使用其他AWS资源时,此令牌应成为传递的临时凭证的一部分。请参考认知API参考和 STS文档了解更多详细信息。
- SyncSessionToken :是在初始化同步操作后由Cognito Sync服务发布的标识。此同步操作用作Cognito同步定价的单位。当您使用此令牌执行成功的写入/更新记录或此令牌过期时,同步操作将标记为已完成。
- Token: This is a OpendId Connect compliant id token issued by Cognito Identity which asserts the users identity in a signed and verifiable way. Consider this token as a digital identity card which can be used by clients to verify the identity of users. You can refer to cognito API documentation for details on how to obtain this token and this documentation for more details on how to validate this token as a client.
- SessionToken: This token is issued by the service as a descriptor of users AWS session along with the temporary AWS credentials. Cognito calls STS on your behalf and returns the temporary credentials returned. When using other AWS resources using the issued temporary credentials, this token should be a part of the passed temporary credentials. Refer to cognito API reference and STS documentation for more details.
- SyncSessionToken: Is an identitfier issued by Cognito Sync service after initializing a sync operation. This sync operation is used as a unit for Cognito sync pricing. A sync operation is marked complete when you perform a successful write/update records using this token or this token expires.
希望这会有所帮助。
这篇关于AWS Cognito令牌类型的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
