AWS | Setup Authentication Pool

For users to sign in to the App, we need to set up an AWS User Pool. All users will be registered automatically to this pool. We will create a Custom Auth Pool with SMS and email as the verification methods.

Refer to the Steps below to add the Auth User pool for your App.


STEP 1:

  1. Sign in to the AWS Console, Navigate/Search for Amazon Cognito
  2. Click on “User pools”
  3. Select the “Server Location/Region” where your App Database is/will be hosted.
  4. Click on “Create user pool”

STEP 2:

  1. Select “Cognito user pool” as Provider types
  2. Select “Email”, “Phone number” as Sign in options
  3. Click Next

STEP 3:

Select all the options as shown below:

STEP 4:

  1. “Enable self-registration” must be checked
  2. “Allow Cognito to automatically……..” must be un-checked
  3. Add “website” as Additional required attributes (Needed for passing Auth metaData while Sign In)
  4. Click Next

STEP 5:

  1. Select “Send email with Cognito” as Email Provider
  2. Select “Create a new IAM role”
  3. Set role name as “AppSMSRole”
  4. Select the SNS Region (the region where your app database is/will be hosted. SNS will only work if it is migrated to Production mode from Sandbox mode in the same region)

STEP 6:

  1. Set “CustomAuthenticationPool” as User pool name
  2. Select “Public Client” as App type
  3. Set “CustomAuthClient” as App client name
  4. Click on “Don’t generate a client secret”
  5. Click Next

STEP 7:

Click on “Create user pool”

STEP 8:

User pool will be created successfully. You can find this in:

AWS Console –> Amazon Cognito –> User pools –> “CustomAuthenticationPool” (NOTE: You should be in the same AWS region in the top-right region selector)

Click on “CustomAuthenticationPool”

STEP 9:

  1. Go to “App Integration” tab
  2. Click on “CustomAuthClient” located at the bottom

STEP 10:

Click on “Edit” to edit Client Information

STEP 11:

  1. App client name should be “CustomAuthClient”
  2. Uncheck other options & check only “ALLOW_CUSTOM_AUTH” as Authentication Flows (since we will be using SMS/Email Registration in App)
  3. Click “Save changes”

👏 Congratulations! Custom Auth User Pool setup is completed.


STEP 12: [Copy Credentials]

Copy “Client ID” and use it in the App wherever AWS_AUTH_APP_CLIENT_ID is required in the source code.

STEP 13:

Navigate to AWS Console –> Amazon Cognito –> User pools –> “CustomAuthenticationPool”, click on it to view its details

STEP 14: [Copy Credentials]

  1. Copy “User pool ID” and paste into the source code for AWS_AUTH_POOL_ID field
  2. Copy “your-aws-region” as shown below and paste into the source code for AWS_AUTH_POOL_ID field
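
Once the pool exists, the settings chosen in STEP 2, 4, 6 and 11 can be checked from the API instead of by eye. The script below is an added example, not part of the original guide or of the App's source code: it audits dictionaries shaped like the responses of boto3's describe_user_pool and describe_user_pool_client calls. The sample data is constructed, and tolerating ALLOW_REFRESH_TOKEN_AUTH next to ALLOW_CUSTOM_AUTH is an assumption.

```python
# Added example: audit Cognito settings against the steps on this page.
# Inputs have the shape of boto3 describe_user_pool()["UserPool"] and
# describe_user_pool_client()["UserPoolClient"]; all sample values are constructed.
# Assumption: the refresh-token flow is tolerated next to ALLOW_CUSTOM_AUTH.
TOLERATED_FLOWS = {"ALLOW_CUSTOM_AUTH", "ALLOW_REFRESH_TOKEN_AUTH"}


def audit(pool, client):
    """Return findings; an empty list means the setup matches the page."""
    findings = []
    # STEP 2: email and phone number are the sign-in options.
    if set(pool.get("UsernameAttributes", [])) != {"email", "phone_number"}:
        findings.append("sign-in options are not email + phone_number")
    # STEP 4: self-registration on, "website" required.
    if pool.get("AdminCreateUserConfig", {}).get("AllowAdminCreateUserOnly"):
        findings.append("self-registration is disabled")
    required = {a["Name"] for a in pool.get("SchemaAttributes", []) if a.get("Required")}
    if "website" not in required:
        findings.append("'website' is not a required attribute")
    # STEP 6: public app client, so no client secret may exist.
    if "ClientSecret" in client:
        findings.append("app client has a client secret")
    # STEP 11: only the custom auth flow is enabled.
    flows = set(client.get("ExplicitAuthFlows", []))
    if "ALLOW_CUSTOM_AUTH" not in flows:
        findings.append("ALLOW_CUSTOM_AUTH is not enabled")
    for extra in sorted(flows - TOLERATED_FLOWS):
        findings.append("unexpected auth flow enabled: " + extra)
    return findings


SAMPLE_POOL = {  # constructed
    "Name": "CustomAuthenticationPool",
    "UsernameAttributes": ["email", "phone_number"],
    "AdminCreateUserConfig": {"AllowAdminCreateUserOnly": False},
    "SchemaAttributes": [{"Name": "email", "Required": True},
                         {"Name": "website", "Required": True}],
}
SAMPLE_CLIENT_OK = {"ClientName": "CustomAuthClient",
                    "ExplicitAuthFlows": ["ALLOW_CUSTOM_AUTH", "ALLOW_REFRESH_TOKEN_AUTH"]}
SAMPLE_CLIENT_DRIFTED = {"ClientName": "CustomAuthClient", "ClientSecret": "constructed-secret",
                         "ExplicitAuthFlows": ["ALLOW_USER_PASSWORD_AUTH", "ALLOW_USER_SRP_AUTH"]}

if __name__ == "__main__":
    for name, c in (("ok", SAMPLE_CLIENT_OK), ("drifted", SAMPLE_CLIENT_DRIFTED)):
        print(name, audit(SAMPLE_POOL, c))
```

To audit a live pool, pass the "UserPool" and "UserPoolClient" objects returned by those two boto3 calls in place of the constructed samples.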
