Sample authorization with AWS recognized tokens and users:
The steps for authorization in AWS are as follows:
1. A user pool is set up with an app client.
2. An HTTP API is set up with this user pool authorizer.
3. The authorizer is validated using the identity token for a user.
   a. This is available from the user pool using the following steps:
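
import { Auth } from 'aws-amplify';

// Sign in against the user pool with the caller's credentials.
// The resulting session carries the identity token that the authorizer expects.
async function signIn(username, password) {
    try {
        const user = await Auth.signIn(username, password);
        return user;
    } catch (error) {
        console.log('error signing in', error);
    }
}
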
To repeat the sign-in, we can sign out globally from all devices with:

import { Auth } from 'aws-amplify';

async function signOut() {
    try {
        // global: true signs the user out of all devices, not only this one.
        await Auth.signOut({ global: true });
    } catch (error) {
        console.log('error signing out: ', error);
    }
}

   b. Only the identity token in well-known JSON Web Token format is supplied. The access token is discarded.
4. When the authorizer is validated successfully, a sample API call can be made across the wire using a Postman sample as follows:
   a. Make an OAuth token using Cognito's OAuth endpoint.
   b. Pass the OAuth token in the Authorization header field.
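
Step 3b depends on supplying the identity token rather than the access token. The following added example (not part of the original post) decodes a token's claims and checks the ones that tell the two apart before the call in step 4. The function names are hypothetical, and the issuer URL, client id and tokens are constructed placeholders.

```javascript
// Added example: decode-only claim checks. The signature is NOT verified here;
// the API's authorizer does that against the user pool's signing keys.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT (expected 3 segments)');
  const claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  if (claims === null || typeof claims !== 'object') throw new Error('payload is not a JSON object');
  return claims;
}

// Returns { ok, reason }. issuer and clientId are the values configured on the authorizer.
function checkIdToken(token, { issuer, clientId, now = Math.floor(Date.now() / 1000) }) {
  let claims;
  try {
    claims = decodeJwtPayload(token);
  } catch (e) {
    return { ok: false, reason: `malformed token: ${e.message}` };
  }
  // Cognito marks ID tokens with token_use "id" and access tokens with "access".
  if (claims.token_use !== 'id') {
    return { ok: false, reason: `token_use is "${claims.token_use}", expected "id"` };
  }
  if (claims.iss !== issuer) return { ok: false, reason: 'issuer mismatch' };
  // ID tokens name the app client in aud; access tokens use client_id instead.
  const audiences = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!audiences.includes(clientId)) return { ok: false, reason: 'audience mismatch' };
  if (typeof claims.exp !== 'number' || claims.exp <= now) {
    return { ok: false, reason: 'token expired' };
  }
  return { ok: true, reason: 'claims match' };
}

// Constructed sample tokens (placeholder pool id, client id and signature).
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  return `${enc({ alg: 'RS256', kid: 'example-kid' })}.${enc(claims)}.c2lnbmF0dXJl`;
}
const ISSUER = 'https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE';
const CLIENT_ID = 'example-app-client-id';
const NOW = 1700000000;
const sampleIdToken = makeSampleToken(
  { token_use: 'id', iss: ISSUER, aud: CLIENT_ID, exp: NOW + 3600 });
const sampleAccessToken = makeSampleToken(
  { token_use: 'access', iss: ISSUER, client_id: CLIENT_ID, exp: NOW + 3600 });

for (const [name, tok] of [['id', sampleIdToken], ['access', sampleAccessToken]]) {
  console.log(name, checkIdToken(tok, { issuer: ISSUER, clientId: CLIENT_ID, now: NOW }));
}
```

A passing result only means the claims look right for this API; acceptance still depends on the authorizer verifying the signature.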
 