1

I am already using AWS Cognito for authenticating a web application (using the Hosted UI, and flask_awscognito). The user pool has already been created, and all user creation or any other user pool management is done outside of the app (eg directly through the console, or CloudFormation or similar). Now we want to authenticate users from an Android app, and it is proving remarkably hard to find out how to do this.

All the AWS docs direct you to Amplify - the trouble is Amplify wants you to "initialize" and in the process seems to require AWS credentials, and for a user with permissions to CloudFormation and things none of which should be required for simply authenticating users.

Is there (any documentation for) a way to simply authenticate a user to a cognito user pool for Android? This should be similar to the authentication for the web app, with the difference that the any interaction with the hosted UI, if required, would have to be programmatic rather than via redirection to an AWS hosted login page.

It seems odd that simple authentication to a user pool from Android (without required AWS credentials, or using a user pool created with Amplify) is neither straightforward or documented . Or am I just failing to find it?

bandjalong
  • 21
  • 3

1 Answers1

1

It turns out it is possible to authenticate from Android without Amplify. The trick is to make use of "deep-linking" where a URL can be directed to an app on the device. We added a URL to the configured callback URLs for the user pool, and configured the Android app to handle this URL. The flow is then as follows: To login from the app, the app brings up a web view of the hosted ui, specifying the newly configure callback URL. When the user has successfully logged in via the hosted pages, the redirect comes back with the new URL, and this is now received by the app. We switched to requesting the token directly (rather than getting a code back) to avoid having to go through the protocol to exchange a code for a token.

The answer to this question was helpful: Cognito hosted UI

bandjalong
  • 21
  • 3
  • what is default flow? code or token, can you share amplifyconfiguration.json config OAuth section --obviously hiding your credentials. I want to know the json structure and format of URI handling. – Swaminath Bera Jun 12 '23 at 13:07