.svg)
.svg)
Hi, I am Jungmin Choi, a DevOps Engineer at WhaTap Labs.
If you are a developer, you have probably experienced difficulties in developing login and signup features, and if you are an operator, you have probably experienced difficulties in managing user data. Today, I will show you how to quickly and easily implement login/registration/user data management using Amazon Cognito.
1. What is Amazon Cognito?
Amazon Cognito is a service that provides authentication, authorization, and user management for web and mobile apps. Amazon Cognito is divided into two main components
- User pool
User pools are user directories that provide signup and sign-in options for app users, i.e., membership, sign-in, and management of USER.
- Credential pool
Allows you to authorize users to other AWS services. They can be used separately from user pools, but really shine when used in conjunction with user pools.
2. Amazon Cognito, why do you recommend it?
- Developers can spend less effort on login/registration.
- Operators do not have to worry about data archiving.
- Access to a variety of AWS services at login, including Amazon S3, DynamoDB, and more.
- Easily integrate with social logins like Google, Facebook, and more.
3. How to use Amazon Cognito
Let's implement a simple login feature on SpringBoot using an Amazon Cognito user pool.
3-1 Create an Amazon Cognito user pool
1. Go to AWS Console, navigate to the Amazon Cognito Service Page, and click Create User Pool.
2. Configure the user pool
This is the user pool we set up for our test environment. In a real environment, you will need to change the settings to meet your requirements.
The allowed CallBackURL should be set to : https://{wanted_host}/login/oauth2/code/cognito.
1. First, configure the login experience.
2. Next, configure your security requirements.
3. Configure the subscription experience.
4. In step 4, set up your message delivery configuration.
5. Finally, set up your app integration steps and you are all set
3-2 Applying it to a SpringBoot Application
This is a very simple example application that uses Amazon Cognito to log in/register, and show email on login.
You can download it from GitHub below. You can also check out the code on GitHub.
GitHub Code : https://github.com/cjm2021401/CognitoExample
Results and Application
1. When you go to http://localhost:8080
2. Click the Sign in button
You will be taken to the Amazon Cognito you set up and presented with a sign-in or sign-up window.
3. Sign up
When you click the Sign up button, a page appears that asks the user to sign up with information based on the signup experience you set up in Amazon Cognito.
After filling in the required information and sending the mail, you will receive an email that looks like this, and you can enter the code to log in.
4. Confirm your subscription
You can also check your subscription history in the Amazon Cognito console.
5. When logging in
When logging in with the account you created in the previous step, you will see a screen that parses the email from the login information and shows the email of the logged in user.
4. We recommend Amazon Cognito, if you are like this.
I think Amazon Cognito will be a very attractive card for companies that are short on developers or need developers to focus on feature development, as it is a simple setup that takes about 10 minutes to log in, sign up, and even manage users. Also, with a Free Tier of 50,000 users who log in directly to the Cognito user pool and 50 users who integrate through an AML 2.0-based credential provider, I think it can be used by developers as well as those studying development.
Closing thoughts
We have implemented Amazon Cognito on systems large and small in our organization, stripping away traditional login methods. Our users are happy, and I am very pleased with the reduction in management points. I recommend applying Amazon Cognito to reduce the time spent on logging in, and using the remaining time to stabilize the service with SaaS monitoring [WhaTap](https://www.whatap.io/ko/)😄
