amazon cognito: create userpool and sync users to database – RDS

What is Amazon cognito?

Amazon Cognito is a service used for user identity & data synchronization that helps you securely manage and synchronize app data for your users.

Workflow

In order to integrate Amazon cognito, you can follow these steps:

  • Create a user pool and configure it
  • When a user signup on your application, user data will be saved to user pool
  • When a user signs in, you can ask for a JWT token from cognito. Pass this token in your APIs. Backend integrates AWS cognito at their end and verifies the token passed in the API. This is how you can verify your users using a JWT token. Alternatively, You can use social login accounts like google, apple, facebook etc based on your application requirement.

1. Search keyword “cognito” in search bar

aws

2. Click on “Manage user pools”

step2

3. Click on “Create a user pool”

step3

4. In this step, you will see two options to create the user pool. One is to go with default settings “Review defaults” and another is to set up all the settings manually as per your need. You can go with “Step through settings”.

step4

Triggers

(Optional) In the triggers menu, You will see different events as shown in the image below. Using triggers, You can sync user pool data to your Database. To do so, you have to create a lambda function and call lambda function on different events based on your requirement.

Use case

User signed up to the application and user data stored in the user pool. When a user verifies it’s identity and confirms the details(email or phone number confirmation based on your application requirement), post confirmation trigger will be triggered automatically if you created any lambda function and added it in post confirmation trigger. In lambda function definition, you can make connections to your database and save user details in your DB.

trigger

Change Expiration time

(Optional) After setting up the user pool, you can set expiration time of refresh token, Access token and ID token from “APP Clients” menu. You can find this option in “show details” menu. This step is optional and if not didn’t modify expiration times, default expiration times will be used.

step5

 

set expiration

 

Step 2: Setup RDS

If you want to sync your userpool users to RDS database, you can follow article RDS setup – beginner guide to setup RDS.

Step 3: Lambda function

In order to sync userpool data in your database, you need a lambda function which will be called in cognito triggers. You can follow article Lambda function to connect to mysql to setup Lambda function.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top