How JMIX handle code for AWS Cognito Access Token (user pool) for REST API JMIX

farid · July 30, 2023, 5:13am

How JMIX handle code for AWS Cognito Access Token (user pool) for REST API JMIX ? Any samples or reference share will be helpful . Thanks

gorbunkov · August 14, 2023, 12:19pm

Hi,

We haven’t tried the AWS Cognito for user authentication ourselves, but it seems that the OpenID Connect add-on can do the job. You can find information about how to use the add-on in the GitHub readme file.

farid · August 15, 2023, 4:45am

Hi,

Thank you for pointing me to the OpenID Connect add-on for AWS Cognito and its associated GitHub README. I’ve been reviewing the setup, and I have a specific question regarding the Spring Security properties.

In my current setup with Keycloak, I use spring.security.oauth2.client.provider.keycloak.user-name-attribute. Given the transition to AWS Cognito, would it be correct to replace that with spring.security.oauth2.client.provider.cognito.user-name-attribute? I want to ensure that the property naming convention aligns correctly with the AWS Cognito integration.

Any guidance or confirmation on this would be greatly appreciated.

Best regards,

Farid

gorbunkov · August 15, 2023, 6:50am

You can use any word at this place. “keycloak”, “cognito” or just “abcd” is a providerId necessary to group several settings together. Just don’t forget to use “cognito” in other properties keys as well. See Core Configuration :: Spring Security