This article is a technical guide to using AWS Cognito for User Management in an application that leverages serverless functions.
One of the most common components of web applications is a user management system that facilitates sign up, sign in, creation of a user profile and assigning permissions so the user can securely access appropriate application features and functionalities. Serverless architecture, or using serverless functions as part of a microservices architecture, means you don’t have to code common components like a user management system from scratch but can simply integrate a ready-made function.
In this technical guide, we’ll take you through the step-by-step process of integrating AWS Cognito, the world’s largest cloud and serverless provider’s user management system.
Regardless of the serverless platform they are native to, serverless user management functions are all relatively similar and include the following features:
Let’s walk through the integration process for the AWS Cognito user management component and you’ll see just how easy it can be to configure.
First, log in to your AWS account and select Services from the navigation. You’ll find Cognito under the Security, Identity & Compliance category.
Select the AWS regions in which you want to instantiate the user management component. You should be aiming for geographical proximity to as many of your users as possible.
Click on ‘Create a User Pool’ and type in a name (like TestAppUserPool).
Click on the Review defaults and Create Pool button in an opened window. Your User Pool has been created.
Configure a Client Application that will use this user management component (it can be shared between different applications). Make sure you uncheck the Generate Client checkbox.
Configure Client Application settings to integrate the created App Client with your User Pool. Choose callback URLs for sign in/sign out requests.
Configure a domain name for your User Pool UI by selecting App Integration->Domain name, typing a domain prefix, checking its availability and saving the changes.
That’s it. You have created and configured your first user management serverless function which you can use now in your web application. You can use it to secure your web/mobile application resources with AWS SDK, AWS Amplify and Serverless Framework.
Now point your browser to the address:
https://<DOMAIN_NAME>.auth.<AWS_REGION>.amazoncognito.com/login?response_type=code&client_id=<APP_CLIENT_ID>&redirect_uri=<REDIRECT_URL>
DOMAIN_NAME – from step 7
AWS_REGION – from step 7
APP_CLIENT_ID – from step 5
REDIRECT_URL – from step 6
Sample: (https://mytestappuserpooldomain.auth.eu-central-1.amazoncognito.com/login?response_type=code&client_id=6ka14g4k7vvkqbubga33c2n0g&redirect_uri=https://localhost:4200)
You should see an AWS User Management login form which can be easily customized to your needs in the UI Customization settings of your AWS Cognito User Pool.
Try to sign up to your application. After passing through the registration process, which by default is protected with an email verification code (use a real email address during registration to receive it), sign in and you’ll be redirected to the URL you chose at step 6.
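The login URL above and the redirect that follows it can be handled in code as shown here. This is an added example, not code from the original article: the function names are hypothetical, and the `state` and PKCE (`code_challenge`) parameters are additions to the article's URL that the Cognito hosted UI accepts and that suit an app client with no secret. The sample values are the ones from the article.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import parse_qs, urlencode, urlsplit

def build_login_url(domain_prefix, region, client_id, redirect_uri):
    """Return (url, state, code_verifier); store state and verifier in the user's session."""
    state = secrets.token_urlsafe(32)       # anti-CSRF value echoed back on the callback
    verifier = secrets.token_urlsafe(64)    # 86 chars, inside RFC 7636's 43-128 range
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,                     # addition, not in the article's URL
        "code_challenge": challenge,        # addition (PKCE)
        "code_challenge_method": "S256",
    })
    url = f"https://{domain_prefix}.auth.{region}.amazoncognito.com/login?{query}"
    return url, state, verifier

def _origin_and_path(url):
    parts = urlsplit(url)
    return parts.scheme, parts.netloc, parts.path.rstrip("/")

def parse_callback(callback_url, redirect_uri, expected_state):
    """Return the authorization code, or raise ValueError if the callback cannot be trusted."""
    if _origin_and_path(callback_url) != _origin_and_path(redirect_uri):
        raise ValueError("callback does not match the registered redirect URI")
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: possible CSRF or stale login attempt")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]

if __name__ == "__main__":
    # Sample values from the article; the callback below is constructed for the demo.
    url, state, verifier = build_login_url(
        "mytestappuserpooldomain", "eu-central-1",
        "6ka14g4k7vvkqbubga33c2n0g", "https://localhost:4200")
    print(url)
    print(parse_callback(f"https://localhost:4200/?code=demo-code&state={state}",
                         "https://localhost:4200", state))
```

The returned verifier is sent as `code_verifier` when the authorization code is later exchanged at the User Pool's token endpoint.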
There are a lot of configurations available for your User Pool, from required fields and password strength policies to multi-factor authentication and single sign-on with different Identity Providers (Twitter, Facebook).
There are many alternatives to AWS Cognito as a serverless User Management function. Other serverless platform providers and 3rd party vendors all offer components with almost identical core features and functionalities. Some examples are:
They all share similar features and can be considered if your infrastructure means a choice other than AWS Cognito is more appropriate (e.g. if using Windows Servers, consider the Azure user management service).
We hope this step-by-step guide to the features and configuration of the AWS Cognito User Management component helps demonstrate just how powerful and convenient contemporary Serverless components have become.