
Application Based Authorization through AWS Cognito and React

I have integrated a React application with AWS Cognito for authentication. Now I need to manage user-group-based, application-level authorization. Is it possible to keep the application-based permission authorization on the Cognito side?

For example: I'm going to log in as the MANAGER user group; then in the React application I need to manage the UI visibility and functional approach based on the Cognito response when logging in as an authenticated user (MANAGER).

Is it possible, or should I use a separate backend service to manage all user-level permissions?

Logging in as (MANAGER) shows different UI visibility + functionality; other users (CLIENT) see a different UI and functionality.

Please suggest the best approach to develop this using React + AWS Cognito authentication + application level

I tried the AWS Cognito integration and found that there is role-based authorization only if we access other AWS services. But there is no need to access other services; what I need instead is to manage user-based or user-group-based authorization in my React application after logging in as an authenticated user.

I achieved what I need (application-based authorization) by creating a Java auth service application; it has REST APIs for all authentication flows and to get authorization based on the logged-in user.

The database is PostgreSQL; there are tables: user-group, groups, permissions, policies

You can use an Amazon Cognito user pool to control who can access your API (if you are using Amazon API Gateway as well); you can refer here: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html

There is a blog post that describes this in more detail as well: https://dev.to/aws-builders/using-cognito-groups-to-control-access-to-api-endpoints-346g

Together with the access configuration for the endpoint based on user group, in your application code you should be able to configure routes to the respective UI/page which your MANAGER or CLIENT should see / view.
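
An added example, not part of the question or either answer: Cognito lists a user's groups in the `cognito:groups` claim of the ID and access tokens, so the React side can read that claim to decide which routes to show. The route map and all function names below are hypothetical, and the token is a constructed sample; because the payload is decoded without signature verification, this only gates the UI, and the API must still enforce group access server-side (for example with the API Gateway authorizer linked above).

```javascript
// Added example. ROUTES_BY_GROUP and all function names are hypothetical;
// MANAGER and CLIENT are the group names from the question.
const ROUTES_BY_GROUP = new Map([
  ["MANAGER", ["/dashboard", "/reports", "/team"]],
  ["CLIENT", ["/dashboard", "/orders"]],
]);

// Decode the payload segment of a JWT. This does NOT verify the signature:
// the result may drive what the UI shows, never what the API allows.
function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("not a JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  const bytes = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Groups from the "cognito:groups" claim; an expired or group-less token yields none.
function groupsFromToken(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  const claims = decodeJwtPayload(token);
  if (typeof claims.exp !== "number" || claims.exp <= nowSeconds) return [];
  const groups = claims["cognito:groups"];
  return Array.isArray(groups) ? groups.filter((g) => typeof g === "string") : [];
}

// Union of routes for every known group; unknown groups grant nothing.
function visibleRoutes(groups) {
  const routes = new Set();
  for (const g of groups) {
    for (const r of ROUTES_BY_GROUP.get(g) ?? []) routes.add(r);
  }
  return [...routes].sort();
}

// Constructed sample token (fake signature) so the example runs offline.
function makeSampleToken(claims) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(claims)}.constructed`;
}

const sample = makeSampleToken({ "cognito:groups": ["MANAGER"], exp: 4102444800 });
console.log(visibleRoutes(groupsFromToken(sample)));
```
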
