[英]How to pass Cognito token to Amazon API Gateway?
I'm developing web app based on Amazon API Gateway.我正在开发基于 Amazon API Gateway 的 Web 应用程序。 Now I created Facebook login and successfully logged into website.现在我创建了 Facebook 登录并成功登录到网站。 but when I call another API, everything gone.但是当我调用另一个 API 时,一切都消失了。 I think I should pass Cognito token when call API everytime.我认为每次调用 API 时我都应该传递 Cognito 令牌。 am I right?我对吗?
if yes, how to pass Cognito token to API?如果是,如何将 Cognito 令牌传递给 API? like header?喜欢标题? or another way?或其他方式?
Thanks,谢谢,
You are using the "Basic Authflow" from cognito identity, which means you will need to get credentials for your users by calling STS's "AssumeRoleWithWebIdentity".您正在使用来自 cognito 身份的“Basic Authflow”,这意味着您需要通过调用 STS 的“AssumeRoleWithWebIdentity”来为您的用户获取凭据。 Here is some documentation to help: http://docs.aws.amazon.com/cognito/devguide/identity/concepts/authentication-flow/这里有一些帮助文档: http : //docs.aws.amazon.com/cognito/devguide/identity/concepts/authentication-flow/
Once you have credentials, you can instantiate the API Gateway Client:获得凭据后,您可以实例化 API Gateway 客户端:
var client = apigClientFactory.newClient({
accessKey: ACCESS_KEY,
secretKey: SECRET_KEY,
sessionToken: SESSION_TOKEN });
The keys and tokens come from the result of the "AssumeRoleWithWebIdentity" call.键和令牌来自“AssumeRoleWithWebIdentity”调用的结果。
If you have configured your IAM roles, and Authorizations correctly you should be able to access your API.如果您已正确配置 IAM 角色和授权,您应该能够访问您的 API。
Here is the documentation describing how to configure the roles & authorization: http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-method-settings.html#how-to-method-settings-callers-console这是描述如何配置角色和授权的文档: http : //docs.aws.amazon.com/apigateway/latest/developerguide/how-to-method-settings.html#how-to-method-settings-callers -安慰
Also, here is how to enable CORS - http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html此外,这里是如何启用 CORS - http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.