amazon-cognito-identity-js
Single Sign on with OIDC Token
Let's say I want Twitch users to be able to log in to my Cognito user pool from their browsers. I add a "login with Twitch" button to my website, and users can click it to get an OIDC token back from Twitch. Once I get that token, is there any way for me to do passwordless login to the user pool? It would look like this:
1. User logs in to Twitch from my website
2. Twitch redirects to my website with OIDC token
3. My website sends request to API Gateway with OIDC token
4. Lambda validates OIDC token, gives OK response
5. Client JS logs user in
In step 5, I expect to be able to call a method like `cognitoUser.authenticateUser()` to then log in to the app. Is there such a method for passwordless login?
If not, how else can I arrange a system like this?
- Do I have to send the user back their password over HTTPS?
- Is there a way to hash the password on the server side and send the hash to the client to log in with?
- Can the server generate a session for the client the same way I would call `cognitoUser.getSession()` on the client?
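
The "Lambda validates OIDC token" step in the flow above covers several separate checks; this added example (not part of the original post and not code from amazon-cognito-identity-js) shows them for an RS256 ID token using only Node's built-in `crypto`. The issuer URL, client ID, nonce, key ID and key pair are constructed stand-ins; a real deployment would load the provider's published signing keys instead, and the helper names are hypothetical.

```javascript
// Added example: ID-token checks for the Lambda step, Node built-ins only.
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');

// Verify an RS256 ID token: pinned alg, signature, iss, aud, exp, nonce.
// `keys` is a Map of kid -> public KeyObject; `expected` holds our own values.
function verifyIdToken(token, keys, expected, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
  // Pin the algorithm on the server; never let the token header choose it.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const key = keys.get(header.kid);
  if (!key) throw new Error('unknown kid');
  const sig = Buffer.from(s, 'base64url');
  if (!crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, sig)) {
    throw new Error('bad signature');
  }
  // Claims are only trusted after the signature has verified.
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  if (claims.iss !== expected.issuer) throw new Error('wrong issuer');
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(expected.audience)) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  if (claims.nonce !== expected.nonce) throw new Error('nonce mismatch');
  return claims;
}

// Constructed fixture: a throwaway key pair standing in for the provider's key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const keys = new Map([['kid-1', publicKey]]);
const expected = { issuer: 'https://idp.example', audience: 'my-client-id', nonce: 'n-123' };
const base = { iss: expected.issuer, aud: expected.audience, exp: 2000, nonce: 'n-123', sub: 'user-42' };

// Sign a constructed token so the verifier can be exercised offline.
function signToken(claims, header = { alg: 'RS256', kid: 'kid-1' }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${b64url(crypto.sign('RSA-SHA256', Buffer.from(input), privateKey))}`;
}

// Returns the subject on success, or the rejection reason (clock fixed at 1000).
function check(token) {
  try { return verifyIdToken(token, keys, expected, 1000).sub; } catch (e) { return e.message; }
}
```

The audience check is what stops a token issued to a different application at the same provider from being accepted here, and the nonce check ties the token to the login the browser actually started.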