AWS Cognito

Table of contents

1. Token: Hosted UI / AWS SDK
   1. Hosted UI
   2. AWS SDK
2. How to use a custom domain

---

Token: Hosted UI / AWS SDK

Hosted UI

Cognito hosts a login portal and an authorization server by default. This UI is hosted on the /login enpoint.

After user types in their credentials, a request is automatically made to the /oauth2/authorize endpoint. Upon successful authentication, client is redirected to a URL configured for the user pool client.

If you’re using an implicit flow (not recommended), you will be redirected with a token directly.

If you’re using an authorization code flow, you will be redirected with a code parameter which you can exchange later to a token at the /oauth2/token endpoint.

AWS SDK

Although the hosted UI option is convenient, one downside of it is that customization is limited.

---

How to use a custom domain

To be added