amazon-cognito-identity-js
Single sign-on multiple applications
I'm currently working on an SSO (single sign-on) solution for some web apps of our organization. Each app runs in a different sub-domain; thus, the local storage is not accessible by them all. So, I've implemented a new storage class in this SDK, using cookies. I'm aware it opens some security vulnerabilities that have to be protected in each app, but this solution has worked for me. I'd like to know if anyone has a better idea of how to achieve that. In case there isn't a better way to do that, I'd like to know if this implementation is relevant for somebody else and can be merged into this project.
I really appreciate any feedback, thanks.
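A sketch of the cookie-backed storage approach described in the post above, added here as an example; it is not the poster's implementation or the SDK's own code. The class names, the `jar` parameter and the Web Storage-style method set (`getItem`/`setItem`/`removeItem`/`clear`) are assumptions, and the sample key and token are constructed.

```javascript
// Added example (hypothetical names): token storage backed by a cookie scoped
// to the parent domain so every sub-domain app can read the same session.
class ParentDomainCookieStorage {
  // jar: any object with a document.cookie-style `cookie` property (assumption).
  constructor({ domain, jar, maxAgeSeconds = 3600 }) {
    if (!domain) throw new Error('domain is required');
    Object.assign(this, { domain, jar, maxAgeSeconds });
  }
  // HttpOnly cannot be set from script, so script on ANY sub-domain can read
  // these tokens; Secure and SameSite only limit transport and cross-site sends.
  _write(key, value, maxAge) {
    this.jar.cookie = `${encodeURIComponent(key)}=${encodeURIComponent(value)}` +
      `; Domain=${this.domain}; Path=/; Max-Age=${maxAge}; Secure; SameSite=Lax`;
  }
  _pairs() {
    return this.jar.cookie.split('; ').filter(Boolean)
      .map((p) => p.split('=').map(decodeURIComponent));
  }
  setItem(key, value) { this._write(key, value, this.maxAgeSeconds); return value; }
  getItem(key) {
    const hit = this._pairs().find(([k]) => k === key);
    return hit ? hit[1] : null;
  }
  removeItem(key) { this._write(key, '', 0); }
  clear() { this._pairs().forEach(([k]) => this.removeItem(k)); }
}
// Constructed stand-in for `document` so the example runs outside a browser.
class FakeCookieJar {
  constructor() { this.store = new Map(); this.lastWrite = ''; }
  get cookie() { return [...this.store].map(([k, v]) => `${k}=${v}`).join('; '); }
  set cookie(raw) {
    this.lastWrite = raw;
    const [pair, ...attrs] = raw.split('; ');
    const name = pair.slice(0, pair.indexOf('='));
    if (attrs.includes('Max-Age=0')) this.store.delete(name);
    else this.store.set(name, pair.slice(name.length + 1));
  }
}
// Constructed sample: the key and token value are placeholders, not real data.
function demo() {
  const jar = new FakeCookieJar();
  const storage = new ParentDomainCookieStorage({ domain: 'example.com', jar });
  storage.setItem('app.idToken', 'eyJ.sample');
  const result = { read: storage.getItem('app.idToken'), written: jar.lastWrite };
  storage.clear();
  return { ...result, afterClear: jar.cookie };
}
```

In a browser, `document` would be passed as `jar`. Because the cookie is visible to script on every sub-domain, a script-injection flaw in any one app exposes the session for all of them.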
Depending on the user experience you want, you may also want to take a look at this SDK: https://github.com/aws/amazon-cognito-auth-js. It should allow you to do single sign-on across subdomains without modification.
@behrooziAWS I'm also looking for this functionality. I've read through the amazon-cognito-auth-js code and haven't seen how to initiate the SDK from the second subdomain. Can you point out how to initiate the SDK without a username and password? I've looked into initiating with the various result tokens, but haven't found any solution.
@ptwenke Our hosted UI (https://github.com/aws/amazon-cognito-auth-js) should allow you to do single sign-on across subdomains without modification. You can achieve SSO with different sub-domains across the same browser, because the browser uses a cookie to store the Cognito credentials, which allows you to log in only once and later get logged in automatically.
@yuntuowang Is it already supporting translation? Thanks.
@marlontrapp Hi, what translation?
@yuntuowang The translation for the hosted UI.
@marlontrapp Do you mean whether the hosted UI supports different languages or not? Currently, we don't. But we will update this repo once it has been released.