Cognito 用户池和联合身份之间的 aws 服务差异 [英] aws service difference between cognito user pool and federated identity
问题描述
AWS 提供 cognito,为开发人员提供注册和登录功能,包括与 OpenId 的联合兼容的身份提供商,例如 facebook、google 等.
AWS provides cognito which provides the developer with sign-up and sign-in functionality including federations with OpenId compatible identity providers such as facebook, google etc.
cognito 开发者控制台中有两种类别.它们是管理用户池和管理联合身份.
There are two types of categories in cognito developer console. These are managing user pool and managing federated identities.
我只是有点困惑,因为两者都非常相似,即使我们想让我们的客户使用他们的 Facebook 帐户登录.Cognito 用户池本身提供联合,联合身份池也由身份验证提供者提供.
I'm just a little bit confused because both are very similar even we want to provide our client to login with their facebook account. The cognito user pool itself provides federation and federation identity pool also provide it by authentication providers.
问题是,如果我想让我的客户使用他们自己的 Facebook 帐户登录,我应该使用哪些类别?用户池还是联合身份?
The question is that if I want to allow my clients to use their own facebook account for sign-in, which categories should I use? user pool or federated identities?
此外,如果我想在 API 网关中配置授权方,我必须创建认知用户池和联合身份池.这是选择认知类别的主要原因吗?
In addition, if I want to configure authorizer in API gateway I have to create cognito user pool but federated identity pool. Is that the main reason choosing the cognito category?
推荐答案
您可以将用户池视为一种目录,其中包含姓名、电子邮件、电话号码等用户属性.这也提供了注册、登录能力.您可以将用户联合到用户池中.目前,您可以使用 Facebook、Google 和 SAML 作为用户池的身份提供者.
You can think of user pools as sort of a directory which contains user attributes such as name, email, phone number etc. This also provides sign up, sign in capability. You can federate users into user pools. Currently you can use Facebook, Google, and SAML as identity providers for user pools.
Cognito 联合身份让您可以将用户联合到 AWS 并提供 AWS 凭证,这些凭证可用于访问您在策略中允许的资源.对于 Cognito 联合身份,您还可以配置各种身份提供商,例如 Facebook、Google,并且 Cognito 用户池也可以作为身份提供商.
Cognito Federated identities lets you federate users into AWS and vends AWS credentials that can be used to access the resources you allow in your policy. For Cognito Federated Identities, you also have a variety of identity providers that you can configure such as Facebook, Google, and also Cognito User Pools can be an identity provider.
您使用什么取决于您的用例.如果您的应用程序不需要 AWS 资源,则可能只需要用户池.
What you use depends on your use case. If you don't require AWS resources for your app, probably User Pools is all you need.
这篇关于Cognito 用户池和联合身份之间的 aws 服务差异的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
