Cognito 身份验证和单点登录
[英]Cognito authentication and Single Sign On
问题描述
I have a web page were the user signs in using Amazon Cognito and AWS Amplify authentication.
我有一个网页,用户使用 Amazon Cognito 和 AWS Amplify 身份验证登录。 I have a link into that application that opens another aplication.我有一个指向该应用程序的链接,可以打开另一个应用程序。 I want a Single Sign On (I'm not sure if this is the best way to do this), however, I have read a little about it, that there is information about getting the ID Token and the Access Token to login to the other application.我想要单点登录(我不确定这是否是最好的方法),但是,我已经阅读了一些关于它的信息,有关于获取 ID 令牌和访问令牌以登录到其他应用。 How can I use that JWT token to access to my application?如何使用该 JWT 令牌访问我的应用程序? The expected result预期的结果
1 个解决方案
解决方案1
3 2019-01-31 20:09:08
After authentication, your application can query tokens from Cognito User Pool (see https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html )身份验证后,您的应用程序可以从 Cognito 用户池查询令牌(请参阅https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers。 html )
Your app can, in turn, pass a token to the second app (the target of the SSO) as a HTTP header.反过来,您的应用程序可以将令牌作为 HTTP 标头传递给第二个应用程序(SSO 的目标)。
The second app will verify the token (ie verify the signature and the claim, see https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html ) and grant access to authorised users.第二个应用程序将验证令牌(即验证签名和声明,请参阅https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a -jwt.html ) 并授予授权用户访问权限。
In case no token is provided, or an invalid token, the second app will redirect to an authentication page.如果未提供令牌或无效令牌,第二个应用程序将重定向到身份验证页面。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.