适用于API令牌身份验证的AWS Cognito [英] AWS Cognito for API token authentication
问题描述
我正在用Java构建一个使用AWS cognito的HTTP API,并且开发人员通过了身份验证身份来提供令牌来保护该API。我已将登录系统配置为在用户登录且认知身份池包含每个用户以及与我的后端相关联的开发人员身份时发出认知令牌,但是我很难找到一种简单的方法来检索特定于用户的信息来自Cognito令牌的开发者标识符。我尝试使用 AssumeRoleWithWebIdentityResult API调用,但是无法找到有关确定开发人员标识符的文档,仅是用于获取临时AWS凭证的示例。
I am building an HTTP API in java that uses AWS cognito, and developer authenticated identities to provide tokens to secure the API. I have configured the login system to issue a cognito token when a user logs in and the cognito identity pool contains each user and a developer identity associated with my backend, but I am having a very difficult time finding a straightforward way to retrieve a users specific developer identifier from the cognito token. I have attempted to use the AssumeRoleWithWebIdentityResult API call, but have been unable to find documentation about it for determining the developer identifier, only examples for obtaining temporary AWS credentials.
推荐答案
一旦有了临时的AWS凭证,则在调用后端时,您可以在上下文中访问调用方的认知标识符。然后,您可以检索开发人员标识符在服务器端使用 lookupDeveloperIdentity 。
Once you have temporary AWS credentials, when you call the backend, you can access to the cognito identifier of the caller in the context. Then you can retrieve the developer identifier using lookupDeveloperIdentity on the server side.
这篇关于适用于API令牌身份验证的AWS Cognito的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
