diff --git a/src/fragments/lib/auth/js/advanced.mdx b/src/fragments/lib/auth/js/advanced.mdx
index c2206e6aeb2..3ba8595c7b5 100644
--- a/src/fragments/lib/auth/js/advanced.mdx
+++ b/src/fragments/lib/auth/js/advanced.mdx
@@ -271,7 +271,7 @@ const SignInWithGoogle = () => {
 You can use `Auth0` as one of the providers of your Cognito Identity Pool. This will allow users authenticated via Auth0 have access to your AWS resources.
-Step 1. [Follow Auth0 integration instructions for Cognito Federated Identity Pools](https://auth0.com/docs/integrations/integrating-auth0-amazon-cognito-mobile-apps)
+Step 1. [Follow Auth0 integration instructions for Cognito Federated Identity Pools](https://auth0.com/docs/customize/integrations/aws/amazon-cognito)
 Step 2. Login with `Auth0`, then use the id token returned to get AWS credentials from `Cognito Federated Identity Pools` using custom credentials provider you created at the start:
@@ -403,7 +403,7 @@ const myTokenProvider: TokenProvider = {
 const accessTokenString = ''; const idTokenString = '';
-
+
 return { accessToken: decodeJWT(accessTokenString), idToken: decodeJWT(idTokenString),
diff --git a/src/fragments/sdk/auth/android/hosted-ui.mdx b/src/fragments/sdk/auth/android/hosted-ui.mdx
index 136caeae3fe..633f15e3f0f 100644
--- a/src/fragments/sdk/auth/android/hosted-ui.mdx
+++ b/src/fragments/sdk/auth/android/hosted-ui.mdx
@@ -19,23 +19,23 @@ amplify add auth ## "amplify update auth" if already configured
 Choose the following options (the last steps are specific to Facebook here but are similar for other providers): ```console
-? Do you want to use the default authentication and security configuration?
+? Do you want to use the default authentication and security configuration?
 `Default configuration with Social Provider (Federation)`
-? How do you want users to be able to sign in?
+? How do you want users to be able to sign in?
 `Username`
-? Do you want to configure advanced settings?
+? Do you want to configure advanced settings?
 `No, I am done.`
-? What domain name prefix you want us to create for you?
+? What domain name prefix you want us to create for you?
 `(default)`
-? Enter your redirect signin URI:
+? Enter your redirect signin URI:
 `http://localhost:3000/`
-? Do you want to add another redirect signin URI
+? Do you want to add another redirect signin URI
 `No`
-? Enter your redirect signout URI:
+? Enter your redirect signout URI:
 `http://localhost:3000/`
-? Do you want to add another redirect signout URI
+? Do you want to add another redirect signout URI
 `No`
-? Select the social providers you want to configure for your user pool:
+? Select the social providers you want to configure for your user pool:
 `` ```
@@ -311,7 +311,7 @@ Note: The User Pool OIDC JWT token obtained from a successful sign-in will be fe
 You can use `AWSMobileClient` to use `Auth0` as `OAuth 2.0` provider. You can use `Auth0` as one of the providers of your Cognito Federated Identity Pool.
-This will allow users authenticated via Auth0 have access to your AWS resources. Learn [how to integrate Auth0 with Cognito Federated Identity Pools](https://auth0.com/docs/integrations/integrating-auth0-amazon-cognito-mobile-apps)
+This will allow users authenticated via Auth0 have access to your AWS resources. Learn [how to integrate Auth0 with Cognito Federated Identity Pools](https://auth0.com/docs/customize/integrations/aws/amazon-cognito)
 ### Setup Auth0 Hosted UI in Android App
diff --git a/src/fragments/sdk/auth/ios/hosted-ui.mdx b/src/fragments/sdk/auth/ios/hosted-ui.mdx
index 770b304523e..5955526b3de 100644
--- a/src/fragments/sdk/auth/ios/hosted-ui.mdx
+++ b/src/fragments/sdk/auth/ios/hosted-ui.mdx
@@ -231,7 +231,7 @@ AWSMobileClient.default().signOut()
 ## Set up Auth with Auth0
-You can use `AWSMobileClient` to use `Auth0` as an `OAuth 2.0` provider. You use `Auth0` as an identity provider for a Cognito Federated Identity Pool. This will allow users authenticated via Auth0 to have access to your AWS resources. Learn [how to integrate Auth0 with Cognito Federated Identity Pools](https://auth0.com/docs/integrations/integrating-auth0-amazon-cognito-mobile-apps)
+You can use `AWSMobileClient` to use `Auth0` as an `OAuth 2.0` provider. You use `Auth0` as an identity provider for a Cognito Federated Identity Pool. This will allow users authenticated via Auth0 to have access to your AWS resources. Learn [how to integrate Auth0 with Cognito Federated Identity Pools](https://auth0.com/docs/customize/integrations/aws/amazon-cognito)
 ### Configure your iOS App
diff --git a/src/pages/[platform]/build-a-backend/auth/advanced-workflows/index.mdx b/src/pages/[platform]/build-a-backend/auth/advanced-workflows/index.mdx
index 0acf1f4fe65..3955e0be8e9 100644
--- a/src/pages/[platform]/build-a-backend/auth/advanced-workflows/index.mdx
+++ b/src/pages/[platform]/build-a-backend/auth/advanced-workflows/index.mdx
@@ -32,18 +32,18 @@ export function getStaticProps(context) {
 ## Identity Pool Federation
-With identity federation, you don't need to create custom sign-in code or manage your own user identities. Instead, users of your app can sign in using a well-known external identity
-provider (IdP), such as Login with Amazon, Facebook, Google, or any other OpenID Connect (OIDC)-compatible IdP. They can receive an authentication token, and then exchange that token for
-temporary security credentials in AWS that map to an IAM role with permissions to use the resources in your AWS account. Using an IdP helps you keep your AWS account secure because you
+With identity federation, you don't need to create custom sign-in code or manage your own user identities. Instead, users of your app can sign in using a well-known external identity
+provider (IdP), such as Login with Amazon, Facebook, Google, or any other OpenID Connect (OIDC)-compatible IdP. They can receive an authentication token, and then exchange that token for
+temporary security credentials in AWS that map to an IAM role with permissions to use the resources in your AWS account. Using an IdP helps you keep your AWS account secure because you
 don't have to embed and distribute long-term security credentials with your application. Imagine that you are creating a mobile app that accesses AWS resources, such as a game that runs on a mobile device and stores player and score information using Amazon S3 and DynamoDB.
-When you write such an app, you make requests to AWS services that must be signed with an AWS access key. However, we strongly recommend that you do not embed or distribute long-term
-AWS credentials with apps that a user downloads to a device, even in an encrypted store. Instead, build your app so that it requests temporary AWS security credentials dynamically when
+When you write such an app, you make requests to AWS services that must be signed with an AWS access key.
However, we strongly recommend that you do not embed or distribute long-term
+AWS credentials with apps that a user downloads to a device, even in an encrypted store. Instead, build your app so that it requests temporary AWS security credentials dynamically when
 needed using identity federation. The supplied temporary credentials map to an AWS role that has only the permissions needed to perform the tasks required by the mobile app.
-You can use `federateToIdentityPool` to get AWS credentials directly from Cognito Federated Identities and not use User Pool federation. If you logged in with `Auth.signIn` you **cannot**
+You can use `federateToIdentityPool` to get AWS credentials directly from Cognito Federated Identities and not use User Pool federation. If you logged in with `Auth.signIn` you **cannot**
 call `federateToIdentityPool` as Amplify will perform this federation automatically for you in the background. In general, you should only call `Auth.federatedSignIn()` when using OAuth flows. You can use the escape hatch API `federateToIdentityPool` with a valid token from other social providers.
@@ -293,7 +293,7 @@ When you write such an app, you make requests to AWS services that must be signe
 With web identity federation, you don't need to create custom sign-in code or manage your own user identities. Instead, users of your app can sign in using a well-known external identity provider (IdP), such as Login with Amazon, Facebook, Google, or any other OpenID Connect (OIDC)-compatible IdP. They can receive an authentication token, and then exchange that token for temporary security credentials in AWS that map to an IAM role with permissions to use the resources in your AWS account. Using an IdP helps you keep your AWS account secure, because you don't have to embed and distribute long-term security credentials with your application.
-You can use `federateToIdentityPool` to get AWS credentials directly from Cognito Federated Identities and not use User Pool federation. If you have logged in with `Auth.signIn` you **can not** call `federateToIdentityPool` as Amplify will perform this federation automatically for you in the background. In general, you should only call `Auth.federateToIdentityPool` when using OAuth flows.
+You can use `federateToIdentityPool` to get AWS credentials directly from Cognito Federated Identities and not use User Pool federation. If you have logged in with `Auth.signIn` you **can not** call `federateToIdentityPool` as Amplify will perform this federation automatically for you in the background. In general, you should only call `Auth.federateToIdentityPool` when using OAuth flows.
 You can use the escape hatch API `federateToIdentityPool` with a valid token from other social providers.
@@ -721,7 +721,7 @@ const SignInWithGoogle = () => {
 You can use `Auth0` as one of the providers of your Cognito Identity Pool. This will allow users authenticated via Auth0 have access to your AWS resources.
-Step 1. [Follow Auth0 integration instructions for Cognito Federated Identity Pools](https://auth0.com/docs/integrations/integrating-auth0-amazon-cognito-mobile-apps)
+Step 1. [Follow Auth0 integration instructions for Cognito Federated Identity Pools](https://auth0.com/docs/customize/integrations/aws/amazon-cognito)
 Step 2. Login with `Auth0`, then use the id token returned to get AWS credentials from `Cognito Federated Identity Pools` using custom credentials provider you created at the start:
@@ -853,7 +853,7 @@ const myTokenProvider: TokenProvider = {
 const accessTokenString = ''; const idTokenString = '';
-
+
 return { accessToken: decodeJWT(accessTokenString), idToken: decodeJWT(idTokenString),
diff --git a/src/pages/gen1/[platform]/prev/build-a-backend/auth/advanced-workflows/index.mdx b/src/pages/gen1/[platform]/prev/build-a-backend/auth/advanced-workflows/index.mdx
index 0f5a7137a50..ad896ffc92d 100644
--- a/src/pages/gen1/[platform]/prev/build-a-backend/auth/advanced-workflows/index.mdx
+++ b/src/pages/gen1/[platform]/prev/build-a-backend/auth/advanced-workflows/index.mdx
@@ -419,7 +419,7 @@ Auth.configure({
 You can use `Auth0` as one of the providers of your Cognito Identity Pool. This will allow users authenticated via Auth0 have access to your AWS resources.
-Step 1. [Follow Auth0 integration instructions for Cognito Federated Identity Pools](https://auth0.com/docs/integrations/integrating-auth0-amazon-cognito-mobile-apps)
+Step 1. [Follow Auth0 integration instructions for Cognito Federated Identity Pools](https://auth0.com/docs/customize/integrations/aws/amazon-cognito)
 Step 2. Login with `Auth0`, then use the id token returned to get AWS credentials from `Cognito Federated Identity Pools` using `Auth.federatedSignIn`: