That was awesome. Some people would have turned that into an hour long video and not covered all the details either. Perfect and to the point in under 14 minutes.
Thanks for this concise and helpful - so many incorrect videos out there that obviously do not understand OAuth and copying from the same incorrect source. Warning - AWS has significantly changed various areas and you need to switch back to the Cognito v1 (on the left side menu) to make this work as expected... Yay AWS!
I immediately wanted to click subscribe just because of your vibe - but I waited til you said there would be flubs and I was like "ok this guy is cool" - and actually kind of inspiring to me, too :)
ya, great vid, well explained and visually practical. two thumbs up, you've helped me out a lot + an extra thumbs up for the cool digs, like, you could easily segue into a smooth jazz video.
Thanks :) that was useful. Instead of splitting location.href I think you could also parse the hash as url search params: params = new URLSearchParams(window.location.hash.replace('#','?')) Then you can easily access the bit you want by using params.get('access_token') or whatever
Amazing Video ! But, I want to know how to do the Sign Up, Login & other MFA in React-Native App, if I already have a existing backend in AWS Cognito . And have the below details of the existing backend :- aws_cognito_identity_pool_id: aws_cognito_region: aws_user_pools_id: aws_user_pools_web_client_id: I hope this question will generate curiosity in you. Please make a separate vdo on this topic
The UI is a bit outdated now given the new AWS UI. But still, I benefited from this tutorial after watching another one with the new UI.. Also, pls pay attention where you put your selfie video as it covers some of the steps (can be concluded though).
this was great, thank you! however i have a question. i have this API connected to my lambda function as a trigger, and i have a slack app which in event subscription, takes in an endpoint (in this case it is my newly authorized endpoint configured in my lambda function). however, because the API is protected, slack won't be able to verify it or access it. how can i enable slack to access this? thank you again for the vdeo!
can i use lambda to add user information into a dynamo db also? if i do that then when i am connecting to api gateway can i choose lambda instead of jwt auth?
Thanks for the great video. What will happen when the token is expired? Is there a way to automate the token update or each time I have to manually create a token? Please let me know.
Awesome! Video was short and to the point. Resolved my problem which was accidentally using the API Gateway API ID rather than the User Pool ID as the "audience". How come both the IdToken and AccessToken can be attached to the authorizer header and still have access to the protected resources?
Is there a way we can just not use the Cognito UI to signup/signin? I want to use Cognito's backend service with my own UI (via login form). It would look a little out of place in, let's say, a mobile app so yeah was just wondering!
It is supposed to be standard to use the access token instead of the Id token. Why did you use the id token? I am asking because I cannot get it to work with the access token in my own app.
Thank you for this. QQ : The access token expires after a day. Is it possible to extend it for a month or so ? If not what would be good approach if we want some auth value that is applicable for a month or so.
A good video on a good subject. I do wish that you'd gone a little more slowly in parts. There were parts where you just sped through a few clicks or screens without much explanation. It's especially easy to miss if you're trying to code along with the video. A little more explanation of how these parts fit together would be nice, too. But still, good video, I learned what I needed to learn.
For example, say what button you're pushing as you push it - sometimes it's hard to track where you pointer is pointing. And it would be nice if you didn't name everything "pets" - I'm trying to do one with other names now and it isn't working - it's not always clear what refers to what since they all have the same name.
Excelente muy buen ejemplo, muy parecido se puede hacer andar con keycloak Aca dejo un ejemplo: ua-cam.com/video/r2bN9usRmXE/v-deo.html&ab_channel=%C5%81ukaszBudnik
I got this error from Postman: "the token does not have a valid audience" I did everything you described here, on JWT.io the Signature is Verified...what can be wrong?
OK I found the problem...in Cognito I have 2 different App Client, one for my app and the other for the web (generated by Amplify) so I went back to API and edit the Authorizer adding both audience. Thanks for the video!
Him: "I hate when folks don't give you all the little details that you might need..."
Me: Subscribed
That was awesome. Some people would have turned that into an hour long video and not covered all the details either. Perfect and to the point in under 14 minutes.
This was incredibly helpful! You did a great job explaining everything thoroughly. Great quality content, keep it up man! 🙏💪
Thanks for this concise and helpful - so many incorrect videos out there that obviously do not understand OAuth and copying from the same incorrect source.
Warning - AWS has significantly changed various areas and you need to switch back to the Cognito v1 (on the left side menu) to make this work as expected... Yay AWS!
Thanks 🙏. Please make another video where we can learn how to assign role and how to allow users with different roles to access different resources.
Huge Thank you! Simple, thorough, and spot on!
Glad you liked it!
I immediately wanted to click subscribe just because of your vibe - but I waited til you said there would be flubs and I was like "ok this guy is cool" - and actually kind of inspiring to me, too :)
Thanks for doing this! Really helpful and truly appreciated!
You saved me many hours today
I just had to subscribe your chennel, because I was looking for some video like your for days and you save me! Thanks a lot!!!
Yeah Michael, way to get it together! Great job
First time i feel i need to comment on a video - dude, you are amazing!
dayum, my man makes it look so ez lol, great video! keep up the great content!
Very knowledge session
Great video Michael, tracking you man.
Never thought kanye west would teach me amazon cognito
Excellent Demo - thanks for that!
This video was super useful for me
Nice tutorial and well explained. I thought AWS Cognitoruns on the backend, but I see it writes out the tokens in local storage on the client.
Nice video, good clear speaking voice, thanks!
Thank you man. Good video and very updated!!
I really appreciate your video. It is really helpful.
really helpful, resolved some real issue for me :D
Dude you earned my sub! Awesome tutorial :D
thank you! you made it very easy to follow.
Copying both the access token and id token from the URL is what tripped me as well.
Thank you for this video. Can you make a video on how to do the same with AWS-CDK and Lambda functions?
Nice work and Good Health.💖
Thank you for making this! 🙂
ya, great vid, well explained and visually practical. two thumbs up, you've helped me out a lot + an extra thumbs up for the cool digs, like, you could easily segue into a smooth jazz video.
great tutorial thanks
Super!! worked for me.
same steps? nothing different to setup?
You are a life saviour
nice explanation
Awesome video, thanks for this.
Thanks :) that was useful. Instead of splitting location.href I think you could also parse the hash as url search params:
params = new URLSearchParams(window.location.hash.replace('#','?'))
Then you can easily access the bit you want by using params.get('access_token') or whatever
Amazing Video !
But, I want to know how to do the Sign Up, Login & other MFA in React-Native App, if I already have a existing backend in AWS Cognito .
And have the below details of the existing backend :-
aws_cognito_identity_pool_id:
aws_cognito_region:
aws_user_pools_id:
aws_user_pools_web_client_id:
I hope this question will generate curiosity in you.
Please make a separate vdo on this topic
Someone else can copy this jwt token from request header and use it. am i correct ?
The UI is a bit outdated now given the new AWS UI. But still, I benefited from this tutorial after watching another one with the new UI.. Also, pls pay attention where you put your selfie video as it covers some of the steps (can be concluded though).
Excellent
the tutorial is awesome!!!!!!!!! thanks alots.
Very nice content
BRUH . . . Thank you for this
You're welcome! Let me know if there's anything else you'd like to see!
Surprised this isn't emphasized more.
this was great, thank you! however i have a question. i have this API connected to my lambda function as a trigger, and i have a slack app which in event subscription, takes in an endpoint (in this case it is my newly authorized endpoint configured in my lambda function). however, because the API is protected, slack won't be able to verify it or access it. how can i enable slack to access this? thank you again for the vdeo!
Great video mate.
Thanks
Great video, just wondering if you have some examples of client side logic - storing the token, and other best practices?
Good job! Thanks!
Thank you!
can i use lambda to add user information into a dynamo db also? if i do that then when i am connecting to api gateway can i choose lambda instead of jwt auth?
Hey can you help implement jwt support plugin with Jenkins
Well done!
Thanks for the great video. What will happen when the token is expired? Is there a way to automate the token update or each time I have to manually create a token? Please let me know.
Awesome! Video was short and to the point. Resolved my problem which was accidentally using the API Gateway API ID rather than the User Pool ID as the "audience". How come both the IdToken and AccessToken can be attached to the authorizer header and still have access to the protected resources?
I can't get the access token to work for me.
Is there a way we can just not use the Cognito UI to signup/signin? I want to use Cognito's backend service with my own UI (via login form). It would look a little out of place in, let's say, a mobile app so yeah was just wondering!
Subscribed! Will you cover the new Amplify Studio?
Absolutely! I’m currently taking a break until the new year but have a series of videos covering many of the features we released during re:Invent!
@@focusotter cool, can't wait
Hi, I wanted to know is this super different from using Lambda Authorizer or do they work in a similar manner ?
If you run that exact same postman test 6 months from now, would it work, or why not?
how to do with backend api ?
lambda serves as a client in this example?
It is supposed to be standard to use the access token instead of the Id token. Why did you use the id token? I am asking because I cannot get it to work with the access token in my own app.
Hey! So we use the id token, but Cognito will manage and use access tokens on our behalf :)
Sub 👍👍 thanks for the content
Thank you for this.
QQ : The access token expires after a day. Is it possible to extend it for a month or so ? If not what would be good approach if we want some auth value that is applicable for a month or so.
From what I have seen, you can configure that in the app client settings.
A good video on a good subject. I do wish that you'd gone a little more slowly in parts. There were parts where you just sped through a few clicks or screens without much explanation. It's especially easy to miss if you're trying to code along with the video. A little more explanation of how these parts fit together would be nice, too. But still, good video, I learned what I needed to learn.
For example, say what button you're pushing as you push it - sometimes it's hard to track where you pointer is pointing. And it would be nice if you didn't name everything "pets" - I'm trying to do one with other names now and it isn't working - it's not always clear what refers to what since they all have the same name.
Excelente muy buen ejemplo, muy parecido se puede hacer andar con keycloak
Aca dejo un ejemplo:
ua-cam.com/video/r2bN9usRmXE/v-deo.html&ab_channel=%C5%81ukaszBudnik
This video was not useful. I am not going to ask my user who want to interact with website behind http api gateway to use postman
I got this error from Postman: "the token does not have a valid audience"
I did everything you described here, on JWT.io the Signature is Verified...what can be wrong?
OK I found the problem...in Cognito I have 2 different App Client, one for my app and the other for the web (generated by Amplify) so I went back to API and edit the Authorizer adding both audience. Thanks for the video!