如何为AWS Cognito用户生成访问令牌?
[英]How to generate access token for an AWS Cognito user?
问题描述
I' using Cognito user pool for securing my API gateway . 
我'使用Cognito用户池来保护我的API网关。 Now I would like to make requests to my API using postman but I need to pass in Authorization token as the API is secured. 现在我想使用邮递员向我的API发出请求,但我需要传递授权令牌,因为API是安全的。 Is there any AWS CLI command or REST API to generate auth tokens(by passing username/password)? 是否有AWS CLI命令或REST API来生成身份验证令牌(通过传递用户名/密码)? I have searched documentation but couldn't find any examples. 我搜索过文档,但找不到任何示例。 Thanks for your help. 谢谢你的帮助。
3 个解决方案
解决方案1
9 2018-08-14 03:17:53
You can do this using the following CLI commands: 您可以使用以下CLI命令执行此操作:
Register a user 注册用户
aws cognito-idp sign-up --region {your-aws-region} --client-id {your-client-id} --username admin@example.com --password password123
Confirm user registration 确认用户注册
aws cognito-idp admin-confirm-sign-up --region {your-aws-region} --user-pool-id {your-user-pool-id} --username admin@example.com
Authenticate (get tokens) 认证(获得令牌)
aws cognito-idp admin-initiate-auth --region {your-aws-region} --cli-input-json file://auth.json
Where auth.json is: auth.json的位置是:
{
"UserPoolId": "{your-user-pool-id}",
"ClientId": "{your-client-id}",
"AuthFlow": "ADMIN_NO_SRP_AUTH",
"AuthParameters": {
"USERNAME": "admin@example.com",
"PASSWORD": "password123"
}
}
You should get a response like this if everything is set up correctly: 如果一切设置正确,您应该得到这样的响应:
{
"AuthenticationResult": {
"ExpiresIn": 3600,
"IdToken": "{your-idtoken}",
"RefreshToken": "{your-refresh-token}",
"TokenType": "Bearer",
"AccessToken": "{your-access-token}"
},
"ChallengeParameters": {}
}
解决方案2
1 2018-03-02 06:05:09
There is an AWS CLI command to generate Auth Tokens. 有一个AWS CLI命令可以生成Auth Tokens。 You can use InitiateAuth CLI Command for this. 您可以使用InitiateAuth CLI命令 。
Note: Make sure you have done the UserPool configuration matching the expected tokens. 注意:确保已完成与预期标记匹配的UserPool配置。
解决方案3
1 2019-06-12 10:50:51
Use the following command to generate the auth tokens, fill in the xxxx appropriately based on your cognito configuration, 使用以下命令生成auth令牌,根据您的cognito配置适当填写xxxx,
aws cognito-idp initiate-auth --auth-flow USER_PASSWORD_AUTH --client-id xxxx --auth-parameters USERNAME=xx@xx.com,PASSWORD=xxxx aws cognito-idp initiate-auth --auth-flow USER_PASSWORD_AUTH --client-id xxxx --auth-parameters USERNAME = xx @ xx.com,PASSWORD = xxxx
Note: You can use any one username or password under applicable cognito user pool. 注意:您可以在适用的cognito用户池下使用任何一个用户名或密码。 The client can be found under general settings--> app client 客户端可以在常规设置 - > app client下找到
The AccessKeyId and SecretAccessKey is not required as it already defined while setting up the aws cli. 设置aws cli时,不需要AccessKeyId和SecretAccessKey,因为它已经定义了。 If not done use the following link to set that up first https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html 如果没有完成,请使用以下链接进行首次设置https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.