AWS Cognito Authentication

Learn how to secure your application with AWS Cognito Authentication.

Scale your application with confidence while ensuring robust security and user experience with our built-in AWS Cognito integration. This versatile solution leverages comprehensive security features to safeguard user data and applications, even as your user base grows.

You're free to add (or remove) any of the authentication methods supported by AWS Cognito.

Configuration

Next.js

Copy the following variables to your .env.local file:

NEXT_PUBLIC_AUTH_STRATEGY=COGNITO
 
# Cognito
COGNITO_CLIENT_SECRET=
NEXT_PUBLIC_COGNITO_AUTHORITY=
NEXT_PUBLIC_COGNITO_DOMAIN=
NEXT_PUBLIC_COGNITO_CLIENT_ID=

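Set COGNITO_CLIENT_SECRET, NEXT_PUBLIC_COGNITO_AUTHORITY, NEXT_PUBLIC_COGNITO_DOMAIN, and NEXT_PUBLIC_COGNITO_CLIENT_ID to your AWS Cognito credentials. You can find these credentials in your AWS Cognito dashboard. COGNITO_CLIENT_SECRET has no NEXT_PUBLIC_ prefix on purpose: Next.js exposes NEXT_PUBLIC_ variables to the browser, so the client secret must stay in a server-only variable.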

Vite

VITE_AUTH_STRATEGY=COGNITO
 
# Cognito
VITE_COGNITO_AUTHORITY=
VITE_COGNITO_DOMAIN=
VITE_COGNITO_CLIENT_ID=

Getting Started

To get started with AWS Cognito Authentication, you'll need an AWS account. If you don't have one yet, you can sign up at https://aws.amazon.com/console.

Once you have an AWS account, follow these steps:

  • Set Up Your User Pool: Create a new User Pool with Email as the sign-in option.
  • Set Up Your App Client: Create a new App Client for your User Pool.
  • Redirect URLs: Make sure your App Client login page is working correctly. In your AWS Cognito dashboard, navigate to your App Client and click the View login page button. You should see the default login page.
  • Set the Callback and Sign Out URLs: Set the Allowed callback URLs to http://localhost:3000/auth/cognito/callback and the Allowed sign out URLs to http://localhost:3000/.

In production, make sure you replace http://localhost:3000 with your actual domain. Cognito accepts http:// callback URLs only for localhost, so the production URLs must use https://.

How it Works

  1. User Login: When a user attempts to log in, the application redirects the user to the AWS Cognito login page. The user enters their credentials, and AWS Cognito validates the user's identity. Upon successful authentication, the user is redirected back to the application and the application persists the user's session.
  2. User Logout: When a user logs out, the application clears the user's session and redirects the user to the AWS Cognito logout page. AWS Cognito invalidates the user's session and redirects the user back to the application.
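The login and logout redirects described above, sketched as an added example (not the starter kit's own code). It assumes the Cognito hosted UI authorization-code flow and a full https:// value for the Cognito domain; the function names are hypothetical and the sample values are constructed.

```javascript
// Constructed sample values, not real credentials.
const SAMPLE = { domain: 'https://example.auth.us-east-1.amazoncognito.com',
  clientId: 'example-client-id', appOrigin: 'http://localhost:3000' };
const CALLBACK_PATH = '/auth/cognito/callback'; // from the allowed callback URL

// Cognito allows http:// only for localhost; any other origin must be https.
function assertSafeOrigin(appOrigin) {
  const u = new URL(appOrigin);
  const localHttp = u.protocol === 'http:' && u.hostname === 'localhost';
  if (u.protocol !== 'https:' && !localHttp) throw new Error(`insecure origin: ${appOrigin}`);
  return u.origin;
}

// Login: redirect to /oauth2/authorize. `state` must be a fresh CSPRNG value
// (e.g. crypto.randomUUID()) stored in the user's session before redirecting.
function buildLoginUrl({ domain, clientId, appOrigin }, state) {
  const url = new URL('/oauth2/authorize', domain);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: clientId,
    redirect_uri: assertSafeOrigin(appOrigin) + CALLBACK_PATH,
    scope: 'openid email', // assumed scopes
    state,
  }).toString();
  return url.toString();
}

// Callback: return the code only if `state` matches the value this session issued.
function readCallback(callbackUrl, expectedState) {
  const p = new URL(callbackUrl).searchParams;
  if (p.get('error')) throw new Error(`cognito error: ${p.get('error')}`);
  if (!expectedState || p.get('state') !== expectedState) throw new Error('state mismatch');
  const code = p.get('code');
  if (!code) throw new Error('missing authorization code');
  return code;
}

// Logout: after clearing the local session, redirect to /logout. logout_uri
// must exactly match an allowed sign-out URL on the app client.
function buildLogoutUrl({ domain, clientId, appOrigin }) {
  const url = new URL('/logout', domain);
  url.search = new URLSearchParams({
    client_id: clientId,
    logout_uri: assertSafeOrigin(appOrigin) + '/',
  }).toString();
  return url.toString();
}
```

Rejecting a callback whose state does not match the stored value keeps an attacker-initiated login response from being bound to the victim's session.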

Explore More

AWS Cognito is a powerful tool that offers a wide range of features to secure your application. To learn more about AWS Cognito, you can refer to the official documentation.