[英]AWS cognito authorization
I have an application (node.js) that need an Authentication and authorization.我有一个需要身份验证和授权的应用程序 (node.js)。 My app need access to postgres database and also need a Inheritances (roles etc.)
我的应用程序需要访问 postgres 数据库,还需要继承(角色等)
One option to implement that is using the cognito service of aws (the app will host on aws properly - not sure about that)实现的一种选择是使用 aws 的认知服务(该应用程序将正确托管在 aws 上 - 不确定)
so the questions is所以问题是
Tnx发件人
Cognito identity pool is used for granting access to aws services. Cognito 身份池用于授予对 aws 服务的访问权限。 User pool is used to exchange user credentials for tokens which can contain additional information about the user once decoded.
用户池用于交换令牌的用户凭据,一旦解码,令牌可以包含有关用户的附加信息。 So yes, you can use user pool just for authentication.
所以是的,您可以仅使用用户池进行身份验证。 Your user attributes can contain information related to the services this user needs to access.
您的用户属性可以包含与该用户需要访问的服务相关的信息。
However, if you plan on storing database credentials, I suggest you use AWS secrets manager to store your DB credentials and grant the cognito user access to this secret.但是,如果您计划存储数据库凭据,我建议您使用 AWS secrets manager 来存储您的数据库凭据并授予 cognito 用户访问此机密的权限。 You'll need to use both user pool and identity pool in this case.
在这种情况下,您需要同时使用用户池和身份池。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.