7

I would like my app to allow users with a Facebook, Google, Amazon... etc... accounts to be able to login to my app. This works fine through AWS Cognito.

However, is there a way for the app to create a user login programmatically if the user does not have any of those logins?

  1. The user would provide an id and a password and the app would send the information to the authentiation provider to create a new login/account.

  2. I would not need to implement my own authentication mechanism and worry about how the passwords are stored, etc.

From my research I take that there is no way to do this with existing authentication providers or even other services such as OpenID.

Do you have any other options if I do not want to implement my own login storage and authentication? It would not necessarily need to integrate with AWS Cognito.

swbandit
  • 1,739
  • 1
  • 23
  • 35
  • Doesn't login with FB/Google take you to a page where you can either log-in or sign-up? – TJ- Aug 13 '14 at 18:20
  • I want the user to stay in my app and not have to open a browser or some other app when signing up. – swbandit Aug 13 '14 at 18:22
  • 2
    All the authentication providers wouldn't want third-party apps creating accounts on their sites - for example it's a security risk because your app would then have the user's password (one of the purposes of OpenID is to avoid that) and an API like that would be very attractive for spammers. – eug Feb 28 '15 at 02:44

2 Answers2

6

I'm a little confused by your question. If you're asking:

Can I create new usernames and passwords on Facebook / Google programatically?

Then the answer is no. You have to sign up for Facebook / Google on their site. If you're asking:

Can I create a new user with a username and password that only exists in Cognito?

Then the answer is yes. To do this, it depends on whether you're creating the user in a browser or on a server. In a browser, use the Cognito Javascript API. On a server, use the Cognito Admin Server APIs.

Here's some sample code for creating a new user on the server in Node JS (replace my strings with your own tokens, especially the ones with @ signs in them):

  let params = {
    UserPoolId: "@cognito_pool_id@",
    Username: "jhancock",
    DesiredDeliveryMediums: ["EMAIL"],
    ForceAliasCreation: false,
    MessageAction: "SUPPRESS",
    TemporaryPassword: "somePassword",
    UserAttributes: [
      { Name: "given_name", Value: "John"},
      { Name: "family_name", Value: "Hancock"},
      { Name: "name", Value: "John Hancock"},
      { Name: "email", Value: "john@gmail.com"},
      { Name: "phone_number", Value: "+15125551212"}
    ],
  };
  console.log("Sending params to cognito: " + JSON.stringify(params));
  let cognitoIdentityServiceProvider = new AWS.CognitoIdentityServiceProvider({region: "us-east-1"});
  cognitoIdentityServiceProvider.adminCreateUser(params, function(error, data) {
    if (error) {
      console.log("Error adding user to cognito: " + JSON.stringify(error), error.stack);
    } else {
      console.log("Received back from cognito: " + JSON.stringify(data));
    }
 }

One you get that working, you'll probably want to see this post about how to change the temporary password into a real one.

Community
  • 1
  • 1
Ryan Shillington
  • 15,463
  • 10
  • 75
  • 85
  • 1
    I think the original poster was asking about cognito federated identities, as the question is from 2014 and user pools didn't launch until 2016, but this is a valid answer for user pools. – Jeff Bailey Mar 01 '17 at 18:22
  • Fair enough. When I was first learning about Cognito late last year, I found this question and it confused the heck out of me that you couldn't have users in Cognito. Glad it's better now. – Ryan Shillington Mar 02 '17 at 20:03
0

Hi from my previous experence in implementing of the social media authentication. I would conclude that it is quite hard to implement.If you do not what to show web view to authenticate user in iOS you need to use iOS ACAccountStore class for this, but even this only gives opportunity to log in not to sign in.

Oleg Gordiichuk
  • 13,891
  • 5
  • 52
  • 91