堆栈内存溢出
  简体   繁体   English

amr在aws cognito中是什么意思

[英]What does amr mean in aws cognito

 原文  2016-04-25 10:40:33       amazon-cognito

问题描述

https://mobile.awsblog.com/post/Tx1OSMBRHZVM9V0/Understanding-Amazon-Cognito-Authentication-Part-3-Roles-and-Policies https://mobile.awsblog.com/post/Tx1OSMBRHZVM9V0/Understanding-Amazon-Cognito-Authentication-Part-3-Roles-and-Policies

I'm pretty new to AWS.我对 AWS 很陌生。 This blog series about AWS Cognito keep mentioning about amr like examples below这个关于 AWS Cognito 的博客系列不断提到 amr,如下面的例子

"ForAnyValue:StringLike": {
    "cognito-identity.amazonaws.com:amr": "login.myprovider.myapp"
}

Finally, we specify that the amr of the token contains the value unauthenticated.

I couldn't find and figure out what it means.我无法找到并弄清楚这意味着什么。

2 个解决方案

解决方案1
 5  2016-04-25 21:45:01

amr stands for 'Authentication Methods References'. amr代表“身份验证方法参考”。 That comes from the OpenID Connect specification. 这来自OpenID Connect规范。 http://openid.net/specs/openid-connect-core-1_0.html http://openid.net/specs/openid-connect-core-1_0.html

In the context of Cognito, this represents how the user was authenticated. 在Cognito的上下文中,这表示如何对用户进行身份验证。 For example if the user was authenticated using any of the supported providers (facebook, google, amazon), the amr will contain 'authenticated' and also the name for the provider eg 'graph.facebook.com' if user was authenticated using facebook. 例如,如果使用任何受支持的提供程序(facebook,google,amazon)对用户进行了身份验证,则如果用户使用facebook进行了身份验证,则amr将包含“已验证”以及提供程序的名称,例如“ graph.facebook.com”。 If the user was authenticated using google, it will be 'accounts.google.com'. 如果该用户使用google进行了身份验证,则将是“ accounts.google.com”。 If the user was authenticated without using any supported providers (Unauthenticated Identity), it will be 'unauthenticated'. 如果在不使用任何支持的提供程序的情况下对用户进行了身份验证(未经身份验证的身份),则该用户将为“未经身份验证”。

This is useful when you use Cognito Credenitials to access your AWS services and want to implement fine grained access control 当您使用Cognito Credenitials访问您的AWS服务并希望实施细粒度的访问控制时,这很有用

解决方案2
 0  2022-12-28 14:11:21

This is a really old question but I think it's worth mentioning that [AMR is an array[(https://self-issued.info/docs/draft-ietf-oauth-amr-values-01.html#rfc.section.2) in case anybody (like me) didn't notice.这是一个非常古老的问题,但我认为值得一提的是 [AMR 是一个数组 [(https://self-issued.info/docs/draft-ietf-oauth-amr-values-01.html#rfc.section。 2)以防万一有人(比如我)没有注意到。 That's the reason why in your condition clause you need to use ForAnyValue:StringLike not just StringLike.这就是为什么在您的条件子句中您需要使用 ForAnyValue:StringLike 而不仅仅是 StringLike 的原因。 Example:例子:

"Condition": {
    "StringEquals": {
        "cognito-identity.amazonaws.com:aud": "us-east-1:<your-id-pool-id>"
     },
     "ForAnyValue:StringLike": {
         "cognito-identity.amazonaws.com:amr": "authenticated"
     }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 aws,loadbalancer,dns中的dualstack是什么意思? - aws, loadbalancer, what does dualstack mean in dns? “errorType”:“string”在 AWS Lambda 中是什么意思? - What does a "errorType": "string" mean in AWS Lambda? 可见性超时对 AWS SQS 意味着什么 - What does visibility Timeout mean for AWS SQS AWS IAM 策略中要求的资源类型意味着什么 - What does it mean for a resource type to be required in an AWS IAM policy AWS Cognito:令牌没有有效的受众 - AWS Cognito: token does not have a valid audience 在 AWS 中创建加密的 kinesis stream 时,%FIREHOSE_POLICY_TEMPLATE_PLACEHOLDER% 是什么意思? - When creating an encrypted kinesis stream in AWS, what does %FIREHOSE_POLICY_TEMPLATE_PLACEHOLDER% mean? AWS Cognito 与 AWS SSO - AWS Cognito with AWS SSO aws S3 ListObjectsV2 api 中的 start-after 是什么意思? - What does start-after in aws S3 ListObjectsV2 api mean? AWS Cognito RefreshToken API 始终显示“SecretHash 与客户端不匹配” - AWS Cognito RefreshToken API always show "SecretHash does not match for the client" Google Firebase 是否像 AWS Cognito 一样提供自助注册流程? - Is self signup process available with Google Firebase like it does with AWS Cognito?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM