AWS | Setup Authentication Pool (Email & Phone OTP Signin Only)

For users to sign in to the app, we need to set up an AWS user pool. All users will be registered automatically in this pool. We will create a custom auth pool with SMS and email verification as the verification methods.

Refer to the steps below to add the auth user pool for your app.


STEP 1:

  1. Sign in to the AWS Console, navigate to or search for Amazon Cognito
  2. Click on “User pools”
  3. Select the “Server Location/Region” where your App Database is/will be hosted.
  4. Click on “Create user pool”

STEP 2:

  1. Select “Cognito user pool” as Provider types
  2. Select “Email”, “Phone number” as Sign in options
  3. Click Next

STEP 3:

Select all the options as shown below:

STEP 4:

  1. “Enable self-registration” must be checked
  2. “Allow Cognito to automatically……..” must be unchecked
  3. Add “website” as Additional required attributes (needed for passing auth metadata during sign-in)
  4. Click Next

STEP 5:

  1. Select “Send email with Cognito” as Email Provider
  2. Select “Create a new IAM role”
  3. Set role name as “AppSMSRole”
  4. Select the SNS Region (the region where your app database is/will be hosted). SNS will only work if it has been migrated from Sandbox mode to Production mode in the same region.

STEP 6:

  1. Set “CustomAuthenticationPool” as User pool name
  2. Select “Public Client” as App type
  3. Set “CustomAuthClient” as App client name
  4. Click on “Don’t generate a client secret”
  5. Click Next

STEP 7:

Click on “Create user pool”

STEP 8:

The user pool will be created successfully. You can find it in:

AWS Console –> Amazon Cognito –> User pools –> “CustomAuthenticationPool” (NOTE: You should be in the same AWS region, selected from the region selector at the top right)

Click on “CustomAuthenticationPool”

STEP 9:

  1. Go to “App Integration” tab
  2. Click on “CustomAuthClient” located at the bottom

STEP 10:

Click on “Edit” to edit Client Information

STEP 11:

  1. App client name should be “CustomAuthClient”
  2. Uncheck other options & check only “ALLOW_CUSTOM_AUTH” as Authentication Flows (since we will be using SMS/Email Registration in App)
  3. Click “Save changes”

👏 Congratulations! Custom Auth User Pool setup is completed.


STEP 12: [Copy Credentials]

Copy “Client ID” and use it in the App wherever AWS_AUTH_APP_CLIENT_ID is required in the source code.

STEP 13:

Navigate to AWS Console –> Amazon Cognito –> User pools –> “CustomAuthenticationPool”, click on it to view its details

STEP 14: [Copy Credentials]

  1. Copy “User pool ID” and paste into the source code for AWS_AUTH_POOL_ID field
  2. Copy “your-aws-region” as shown below and paste into the source code for AWS_AUTH_POOL_ID field
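
Once the pool exists, the console choices from the steps above can be checked from the API side. The following is an added example, not part of the original guide or the app's source code: it audits the "UserPool" and "UserPoolClient" objects (as returned by boto3's `cognito-idp` `describe_user_pool` and `describe_user_pool_client`) against STEP 2, 4, 6 and 11. The function name, the sample data and the decision to tolerate ALLOW_REFRESH_TOKEN_AUTH are assumptions of this example.

```python
# Added example: checks Cognito API responses against the settings in this guide.
# Tolerating ALLOW_REFRESH_TOKEN_AUTH is an assumption of this example.
ALLOWED_FLOWS = {"ALLOW_CUSTOM_AUTH", "ALLOW_REFRESH_TOKEN_AUTH"}


def audit_pool(pool: dict, client: dict) -> list:
    """Return a list of findings; an empty list means the setup matches.

    pool:   the "UserPool" object returned by DescribeUserPool
    client: the "UserPoolClient" object returned by DescribeUserPoolClient
    """
    findings = []
    # STEP 2: email and phone number are the sign-in options.
    missing = {"email", "phone_number"} - set(pool.get("UsernameAttributes", []))
    if missing:
        findings.append(f"sign-in option missing: {sorted(missing)}")
    # STEP 4: self-registration on, "website" required.
    admin_cfg = pool.get("AdminCreateUserConfig", {})
    if admin_cfg.get("AllowAdminCreateUserOnly", False):
        findings.append("self-registration is disabled")
    required = {a["Name"] for a in pool.get("SchemaAttributes", []) if a.get("Required")}
    if "website" not in required:
        findings.append("'website' is not a required attribute")
    # STEP 6: public client without a client secret.
    if client.get("ClientSecret"):
        findings.append("app client has a client secret")
    # STEP 11: custom auth only, so no password-based flow can bypass the OTP.
    flows = set(client.get("ExplicitAuthFlows", []))
    if "ALLOW_CUSTOM_AUTH" not in flows:
        findings.append("ALLOW_CUSTOM_AUTH is not enabled")
    for flow in sorted(flows - ALLOWED_FLOWS):
        findings.append(f"unexpected auth flow enabled: {flow}")
    return findings


# Constructed sample responses (not real AWS output).
SAMPLE_POOL = {
    "Name": "CustomAuthenticationPool",
    "UsernameAttributes": ["email", "phone_number"],
    "AdminCreateUserConfig": {"AllowAdminCreateUserOnly": False},
    "SchemaAttributes": [{"Name": "email", "Required": True},
                         {"Name": "website", "Required": True}],
}
SAMPLE_CLIENT = {
    "ClientName": "CustomAuthClient",
    "ExplicitAuthFlows": ["ALLOW_CUSTOM_AUTH", "ALLOW_USER_SRP_AUTH"],
}

if __name__ == "__main__":
    for finding in audit_pool(SAMPLE_POOL, SAMPLE_CLIENT):
        print("FINDING:", finding)
```

The constructed client sample deliberately leaves ALLOW_USER_SRP_AUTH enabled, so the audit reports one finding for it.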
