Create and Configure Cognito User Pool

Open jasonwong26 opened this issue 3 years ago • 1 comments

Epic: Integrate with AWS Cognito for Authorization

This ticket sets up the AWS Cognito resource in AWS for us to utilize with the VRMS website.

Instructions

  • [ ] Review the documentation below.
  • [ ] Create a new user pool in the US-West-2 region with the following settings:
    • User Identity: email
    • Password Requirements: min 8, require numbers, upper/lower case, special characters
    • User Creation: Allow users to sign themselves up
    • MFA: disabled
    • Account Recovery: Email only
    • Account verification: Email Only
    • Advanced Security: Disabled
    • Enable SRP
    • Domain Name: https://{hackforla-vrms-test}.auth.{region}.amazoncognito.com
    • This has been done for development env: vrms-dev, https://hackforla-vrms-dev.auth.us-west-2.amazoncognito.com
  • [ ] Within the new user pool, create a new Application Client with the following settings:
    • Sign in URLs: http://localhost:3000, https://localhost:3000, http://localhost:3001, https://localhost:3001
    • Sign out URLs: http://localhost:3000, https://localhost:3000, http://localhost:3001, https://localhost:3001
    • OAuth2 Flow: Authorization Code Grant
    • OAuth scopes: email, openid, profile
    • App client secret - Do not create
  • [ ] Document the created resource information on this ticket.
    • Region the pool was created in (this should be US-West-2)
    • User Pool Id
    • Application Client Id

Example Pool and Client Ids:

AWS_COGNITO_REGION=us-west-2
AWS_COGNITO_USER_POOL_ID=us-west-2_AVIvi59pc
AWS_COGNITO_APP_CLIENT_ID=5ltbr2dgr8s05o8uohpoq375cn

Once the user pool and application client have been created and reviewed, we'll need to create the appropriate entries in our .ENV files to house these.

  • [ ] Choose appropriate keys to use for storing these values (you can use the above or your own keys)
  • [ ] Update the environment variables documentation, adding these values to the

Reference

  • AWS Documentation
  • Environment Variable Documentation

jasonwong26, Aug 02 '21 07:08
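
The settings in the Instructions checklist can be verified mechanically once the pool and app client exist. This is an added example, not part of the issue or the VRMS code base: it audits dicts shaped like the `UserPool` and `UserPoolClient` objects returned by Cognito's DescribeUserPool and DescribeUserPoolClient calls. The mapping from the checklist wording to API fields (for example "Enable SRP" to `ALLOW_USER_SRP_AUTH` on the client) is an assumption, and the sample data is constructed.

```python
# Added example (not project code): audit Cognito settings against this ticket.
# Field mapping from checklist wording to API fields is an assumption.
LOCAL_URLS = {f"{s}://localhost:{p}" for s in ("http", "https") for p in (3000, 3001)}

def audit_pool(pool):
    """Return the ticket's user pool settings that this pool does not meet."""
    pw = pool.get("Policies", {}).get("PasswordPolicy", {})
    recovery = pool.get("AccountRecoverySetting", {}).get("RecoveryMechanisms", [])
    admin_only = pool.get("AdminCreateUserConfig", {}).get("AllowAdminCreateUserOnly")
    adv_mode = pool.get("UserPoolAddOns", {}).get("AdvancedSecurityMode", "OFF")
    checks = {
        "identity: email": pool.get("UsernameAttributes") == ["email"],
        "password: min 8": pw.get("MinimumLength", 0) >= 8,  # longer also passes
        "password: number/upper/lower/special": all(pw.get(k) for k in (
            "RequireNumbers", "RequireUppercase", "RequireLowercase", "RequireSymbols")),
        "self sign-up allowed": admin_only is False,
        "MFA disabled": pool.get("MfaConfiguration") == "OFF",
        "recovery: email only": [m.get("Name") for m in recovery] == ["verified_email"],
        "verification: email only": pool.get("AutoVerifiedAttributes") == ["email"],
        "advanced security disabled": adv_mode == "OFF",
    }
    return [name for name, ok in checks.items() if not ok]

def audit_client(client):
    """Return the ticket's app client settings that this client does not meet."""
    checks = {
        "sign-in URLs": set(client.get("CallbackURLs", [])) == LOCAL_URLS,
        "sign-out URLs": set(client.get("LogoutURLs", [])) == LOCAL_URLS,
        "flow: authorization code": client.get("AllowedOAuthFlows") == ["code"],
        "scopes: email, openid, profile":
            set(client.get("AllowedOAuthScopes", [])) == {"email", "openid", "profile"},
        "SRP enabled": "ALLOW_USER_SRP_AUTH" in client.get("ExplicitAuthFlows", []),
        "no client secret": "ClientSecret" not in client,
    }
    return [name for name, ok in checks.items() if not ok]

# Constructed sample input (not real API output): a pool and client that match.
SAMPLE_POOL = {
    "UsernameAttributes": ["email"], "AutoVerifiedAttributes": ["email"],
    "MfaConfiguration": "OFF", "AdminCreateUserConfig": {"AllowAdminCreateUserOnly": False},
    "Policies": {"PasswordPolicy": {"MinimumLength": 8, "RequireNumbers": True,
        "RequireUppercase": True, "RequireLowercase": True, "RequireSymbols": True}},
    "AccountRecoverySetting": {"RecoveryMechanisms": [{"Priority": 1, "Name": "verified_email"}]},
}
SAMPLE_CLIENT = {
    "CallbackURLs": sorted(LOCAL_URLS), "LogoutURLs": sorted(LOCAL_URLS),
    "AllowedOAuthFlows": ["code"], "AllowedOAuthScopes": ["email", "openid", "profile"],
    "ExplicitAuthFlows": ["ALLOW_USER_SRP_AUTH", "ALLOW_REFRESH_TOKEN_AUTH"],
}
```

Each function returns an empty list when every checklist item is met, so the result can gate a deployment script or be attached to the ticket as review evidence.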

Development environment client variables:

AWS_COGNITO_REGION=us-west-2
AWS_COGNITO_USER_POOL_ID=us-west-2_Fn4rkZpuB
AWS_COGNITO_APP_CLIENT_ID=5u7s2nj55mp9v5qmt9scja4hnr

Will leave this open for production release set up. v.4 release is still several months away, so it's too early to set up a production user pool yet (and it only takes a few minutes).

FoxShaunR, Apr 18 '22 03:04