Browser SDK for Amazon Cognito Identity
$ npm install @aws-sdk/client-cognito-identity-browser
<fullname>Amazon Cognito</fullname>
Amazon Cognito is a web service that delivers scoped temporary credentials to mobile devices and other untrusted environments. Amazon Cognito uniquely identifies a device and supplies the user with a consistent identity over the lifetime of an application.
Using Amazon Cognito, you can enable authentication with one or more third-party identity providers (Facebook, Google, or Login with Amazon), and you can also choose to support unauthenticated access from your app. Cognito delivers a unique identifier for each user and acts as an OpenID token provider trusted by AWS Security Token Service (STS) to access temporary, limited-privilege AWS credentials.
To provide end-user credentials, first make an unsigned call to GetId. If the end user is authenticated with one of the supported identity providers, set the Logins
map with the identity provider token. GetId
returns a unique identifier for the user.
Next, make an unsigned call to GetCredentialsForIdentity. This call expects the same Logins
map as the GetId
call, as well as the IdentityID
originally returned by GetId
. Assuming your identity pool has been configured via the SetIdentityPoolRoles operation, GetCredentialsForIdentity
will return AWS credentials for your use. If your pool has not been configured with SetIdentityPoolRoles
, or if you want to follow legacy flow, make an unsigned call to GetOpenIdToken, which returns the OpenID token necessary to call STS and retrieve AWS credentials. This call expects the same Logins
map as the GetId
call, as well as the IdentityID
originally returned by GetId
. The token returned by GetOpenIdToken
can be passed to the STS operation AssumeRoleWithWebIdentity to retrieve AWS credentials.
If you want to use Amazon Cognito in an Android, iOS, or Unity application, you will probably want to make API calls via the AWS Mobile SDK. To learn more, see the AWS Mobile SDK Developer Guide.
To install the this package using NPM, simply type the following into a terminal window:
npm install @aws-sdk/client-cognito-identity-browser
The AWS SDK is modulized by clients and commends in CommonJS modules. To send a request, you only need to import the client(CognitoIdentityClient
) and the commands you need, for example CreateIdentityPoolCommand
:
//javascript
const { CognitoIdentityClient } = require('@aws-sdk/client-cognito-identity-browser/CognitoIdentityClient');
const { CreateIdentityPoolCommand } = require('@aws-sdk/client-cognito-identity-browser/commands/CreateIdentityPoolCommand');
//typescript
const { CognitoIdentityClient } = import '@aws-sdk/client-cognito-identity-browser/CognitoIdentityClient';
const { CreateIdentityPoolCommand } = import '@aws-sdk/client-cognito-identity-browser/commands/CreateIdentityPoolCommand';
To send a request, you:
send
operation of client with command object as input.destroy()
to close open connections.const cognitoIdentity = new CognitoIdentityClient({region: 'region'});
//clients can be shared by different commands
const params = {
IdentityPoolName: /**a string value*/,
AllowUnauthenticatedIdentities: /**a boolean value*/,
};
const createIdentityPoolCommand = new CreateIdentityPoolCommand(params);
cognitoIdentity.send(createIdentityPoolCommand).then(data => {
// do something
}).catch(error => {
// error handling
})
Besides using promise style, there are 2 other ways to send a request:
// async/await
try {
const data = await cognitoIdentity.send(createIdentityPoolCommand);
// do something
} catch(error) {
// error handling
}
// callback
cognitoIdentity.send(createIdentityPoolCommand, (err, data) => {
//do something
})
Besides using send()
, the SDK can also send requests using the simplified callback style in version 2 of the SDK.
import * as AWS from '@aws-sdk/@aws-sdk/client-cognito-identity-browser/CognitoIdentity';
const cognitoIdentity = new AWS.CognitoIdentity({region: 'region'})
cognitoIdentity.createIdentityPool(params, (err, data) => {
//do something
})
When the service returns an exception, inpecting the exceptions is always helpful. You can not only access the exception information but also response metadata(i.e request id).
try {
const data = await cognitoIdentity.send(createIdentityPoolCommand);
// do something
} catch(error) {
const metadata = error.$metadata;
console.log(
`requestId: ${metadata.requestId}
cfId: ${metadata.cfId}
extendedRequestId: ${metadata.extendedRequestId}`
);
/*
The keys within exceptions are also parsed, you can access them by specifying exception names like below:
if(error.name === 'SomeServiceException') {
const value = error.specialKeyInException;
}
*/
}
Please use these community resources for getting help. We use the GitHub issues for tracking bugs and feature requests and have limited bandwidth to address them.
aws-sdk-js
This client code is generated automatically. Any modifications will be overwritten the next time the `@aws-sdk/@aws-sdk/client-cognito-identity-browser' package is updated. To contribute to SDK you can checkout our code generator package.
This SDK is distributed under the Apache License, Version 2.0, see LICENSE for more information.
© 2010 - cnpmjs.org x YWFE | Home | YWFE