By: Xuejiao Zhang user 28 Aug 2019 at 8:36 p.m. CDT

4 Responses
I have an Android app which calls AWS API Gateway. I would like to add an authentication feature. When users log in on the Android app, I would like to have AWS Cognito (identity pool) authenticate using the Gluu Server as the user pool (federation SAML). Do you have any instructions to follow? I am referring to this now: https://gluu.org/docs/ce/integration/saas/aws/ . I would like to hear your opinion about the design. Thanks in advance.

By Michael Schwartz staff 28 Aug 2019 at 10:12 p.m. CDT

Sounds like a terrible idea. Why bother using Amazon Cognito? Use AppAuth from the OpenID GitHub, and just store users in the Gluu Server itself.

By Xuejiao Zhang user 29 Aug 2019 at 12:54 a.m. CDT

@Michael.Schwartz On the app, we would need to use AWS resources (such as AWS API Gateway, S3, etc.), and we would like to have Gluu as the user pool associated with the AWS Cognito identity pool. Once users log in successfully, they could assume the role on AWS and have the policies/permissions to operate AWS resources.

By Michael Schwartz staff 29 Aug 2019 at 2:51 p.m. CDT

Why can't you just use Cognito OpenID Connect authentication service? You could get an access token or identity assertion (id_token) from the Cognito token endpoint.

By Xuejiao Zhang user 29 Aug 2019 at 6:36 p.m. CDT

@Michael.Schwartz Do you mean this?

1. Set up the Gluu Server as a Cognito OpenID Connect provider (identity pools)
2. Get an ID token from the Gluu Server
3. Use the ID token from the Gluu Server to exchange for AWS credentials from the Cognito identity pool
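
A client-side pre-flight for steps 2 and 3 of the flow outlined above, added here as an illustration and not part of any post in this thread: it checks the issuer, audience and expiry of the ID token, then builds the `Logins` map that Cognito's `GetId` / `GetCredentialsForIdentity` calls take. The function names, issuer URL and client ID are hypothetical, the sample token is constructed, and the signature is deliberately not verified here because Cognito checks it against the registered OpenID Connect provider.

```python
import base64
import json
import time

def _decode(segment):
    """Decode one base64url JWT segment into a dict (ValueError if malformed)."""
    obj = json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("JWT segment is not a JSON object")
    return obj

def build_cognito_logins(id_token, issuer, client_id, now=None, leeway=60):
    """Return {provider_name: id_token} after checking the claims locally.

    This is a fail-fast check only; it does NOT verify the signature.
    """
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected header.payload.signature)")
    header, claims = _decode(parts[0]), _decode(parts[1])
    if str(header.get("alg", "none")).lower() == "none" or not parts[2]:
        raise ValueError("unsigned token")
    if not issuer.startswith("https://") or claims.get("iss") != issuer:
        raise ValueError("issuer mismatch")
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("audience mismatch")
    exp = claims.get("exp")
    now = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or exp + leeway < now:
        raise ValueError("token expired or exp missing")
    # Assumption: the identity pool names an OIDC provider by its issuer URL
    # without the https:// scheme; confirm against the pool's configuration.
    provider = issuer[len("https://"):].rstrip("/")
    return {provider: id_token}

def sample_token(claims):
    """Constructed token with a dummy signature, for offline demonstration only."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "ZHVtbXk"])

if __name__ == "__main__":
    ISSUER, CLIENT_ID = "https://idp.example.org", "example-client-id"  # hypothetical
    token = sample_token({"iss": ISSUER, "aud": CLIENT_ID, "sub": "user-1",
                          "exp": int(time.time()) + 300})
    print(build_cognito_logins(token, ISSUER, CLIENT_ID))
```

The returned map is what would be passed as the `Logins` parameter when requesting credentials from the identity pool.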