A small code experiment... Grown into a sample app (using Prism... which I love dearly)... on establishing a user in an AWS Identity Pool using Developer Authenticated Identities (custom SSO login) in order to access other AWS services (e.g., AWS Lambda functions) with authenticated users.
I'd like to profusely thank kneekey23, steveataws, nikhil-dabhade, and sunchunqiang for their help and advice as I struggled through learning how to implement this functionality. Thank you for your time, knowledge, effort, and assistance! I am in your debt!
Users of this app log in to a company's custom SSO server (a total fake in this app, but BOY is it fast!), and the app receives a unique id (the GuidId property you see in the code of the coolAppSsoUser object).
The idea is that the user would log in with the custom SSO provider, and behind the scenes we are now trying to either create a new or get an existing Amazon Cognito Identity from an Identity Pool, using the data received from the SSO server (in particular, the user's unique id).
We then move on to getting credentials for our Cognito user, and from there the user is able to trigger Lambda functions.
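The three steps just described, sketched with the AWS SDK for .NET as an added example (not this app's own code). The pool id, developer provider name, function name and region are placeholders. Step 1 is signed with developer AWS credentials, so it belongs wherever those credentials are kept (normally a backend that has already verified the SSO login) rather than in the shipped app.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Threading.Tasks;
using Amazon;
using Amazon.CognitoIdentity;
using Amazon.CognitoIdentity.Model;
using Amazon.Lambda;
using Amazon.Lambda.Model;
using Amazon.Runtime;

public static class DeveloperAuthFlowExample
{
    // Placeholders (assumptions): substitute the values from your own account.
    const string IdentityPoolId = "REGION:IDENTITY-POOL-GUID";
    const string DeveloperProviderName = "login.example.sso"; // as configured on the pool
    const string FunctionName = "EXAMPLE-FUNCTION";
    static readonly RegionEndpoint Region = RegionEndpoint.USEast1;

    // Step 1: map the SSO unique id to a Cognito identity (created on first use)
    // and get an OpenID token for it. Requires developer AWS credentials.
    public static async Task<GetOpenIdTokenForDeveloperIdentityResponse> GetTokenAsync(AWSCredentials developerCredentials, string ssoGuidId)
    {
        using var cognito = new AmazonCognitoIdentityClient(developerCredentials, Region);
        return await cognito.GetOpenIdTokenForDeveloperIdentityAsync(
            new GetOpenIdTokenForDeveloperIdentityRequest
            {
                IdentityPoolId = IdentityPoolId,
                Logins = new Dictionary<string, string> { [DeveloperProviderName] = ssoGuidId },
                TokenDuration = 900 // seconds; keep the token short-lived
            });
    }

    // Steps 2 and 3: the client needs only the identity id and token from step 1.
    public static async Task<string> InvokeAsUserAsync(string identityId, string token, string jsonPayload)
    {
        // GetCredentialsForIdentity is an unsigned call, hence anonymous credentials.
        using var cognito = new AmazonCognitoIdentityClient(new AnonymousAWSCredentials(), Region);
        var creds = (await cognito.GetCredentialsForIdentityAsync(new GetCredentialsForIdentityRequest
        {
            IdentityId = identityId,
            Logins = new Dictionary<string, string> { ["cognito-identity.amazonaws.com"] = token }
        })).Credentials;
        // Temporary credentials scoped by the pool's authenticated IAM role.
        using var lambda = new AmazonLambdaClient(new SessionAWSCredentials(creds.AccessKeyId, creds.SecretKey, creds.SessionToken), Region);
        var result = await lambda.InvokeAsync(new InvokeRequest { FunctionName = FunctionName, Payload = jsonPayload });
        if (result.FunctionError != null) throw new InvalidOperationException(result.FunctionError);
        using var reader = new StreamReader(result.Payload);
        return await reader.ReadToEndAsync();
    }
}
```

What the user can then invoke is bounded by the IAM role attached to the identity pool's authenticated identities, so that role should grant `lambda:InvokeFunction` only on the functions the app needs.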
There is a class called AwsConstants.cs... All of the required constants you will need are listed there, and I tried to make the names as clear as I could. You'll need to fill in values from your own account.
The app follows the steps outlined in the AWS documentation, specifically under the heading Developer Authenticated Identities Authflow, then the sub-heading Enhanced Authflow. Please see the Resources section below for more articles/videos that may be helpful in understanding this app and the problems it is trying to solve.
- AWS .NET Developer Center
- https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html
- https://docs.aws.amazon.com/mobile/sdkforxamarin/developerguide/setup.html
- https://docs.aws.amazon.com/cognito/latest/developerguide/developer-authenticated-identities.html
- Deep Dive on User Sign-up and Sign-in with Amazon Cognito
- AWS re:Invent 2017: Identity Management for Your Users and Apps: A Deep Dive on Amaz (SID332)
- Amazon Cognito using developer authenticated identities: An end-to-end example
- Prism Library