This course explores Amazon Cognito and how it can be used to manage authentication and authorization to your apps. We'll start with a general overview of Amazon Cognito and when to use it. Then we move on to user pools and identity pools. We round off the course by looking at how Amazon Cognito can be integrated with mobile and web apps and how to sync your app's user data across various platforms.
Learning Objectives
- Create your own authentication mechanisms using Amazon Cognito
- Create your own customized UI for user sign in
- Create a secure user directory for all your applications and users
Intended Audience
This course is intended for anyone who is trying to understand what mechanisms are available for user authentication within AWS and specifically, those who want to use third-party identity providers, such as Apple, Facebook, Google, and Amazon.
Prerequisites
- A decent understanding of cloud computing and cloud architectures, specifically with Amazon Web Services
- Familiarity with basic security terminology, IAM, user authentication, and federation
- It is helpful to know about Active Directory and other AD type services
Amazon Cognito answers another question that many web and mobile applications developers will need help with on some level - and that is the question of how to sync your application’s user data across various platforms.
That data might include profile information, application state, previously viewed content, location tracking, and all that kind goodness. It's these kinds of quality of life features that keep users happy. It allows the users to pick up where they left off when switching devices.
Amazon Cognito Sync can help take care of these data points for you, instead of you having to create your own backend that you would need to maintain and manage yourself.
The Sync feature also allows you to cache this data locally for when the device might not have access to the internet, and when the device comes back online, it can resync with the server.
All data points are saved within a dataset - which are saved and retrieved by a key-value pair system. Each dataset can have a maximum size of 1MB ( which is quite a lot of key-value pairs ) as long as you are not trying to save novels.
These datasets are in turn associated with a Cognito identity which can have a maximum of 20 datasets.
When syncing information back to Cognito - the smallest amount of data you can operate on is an entire dataset.
All generic read and write operations are performed locally, and when you decide to sync the information, the entire dataset is synchronized all at once.
In practice, the dataset functions just like a dictionary, A simple key-value system. Those keys can be read, added to, or modified just like a normal dictionary.
Here is a javascript example and the code for syncing is just as simple.
You do of course want to handle any callbacks from the service so your application can deal with errors and successes appropriately. Here is the same syncing function with some callback options.
Now a fair bit of warning for Cognito sync, is that AWS is currently trying to move this functionality over to AWS AppSync. It hosts all of the same features as the Cognito version, but has the additional functionality of letting multiple users access the same data. Giving them the power to synchronize and collaborate in real-time on that shared data. So make sure to take a look at both service options when you decide to build that out.
William Meadows is a passionately curious human currently living in the Bay Area in California. His career has included working with lasers, teaching teenagers how to code, and creating classes about cloud technology that are taught all over the world. His dedication to completing goals and helping others is what brings meaning to his life. In his free time, he enjoys reading Reddit, playing video games, and writing books.