home.social

#cognito — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #cognito, aggregated by home.social.

  1. For one of my clients I'm creating a highly scalable, globally distributed web application to display and edit some business choices used by internal #ETL document generators. The application runs on #AWS using #cognito as its user authentication mechanism. Did you know that callback script URLs for Cognito can't end in a slash? I didn't. If yours does, be prepared for a world of pain.

  2. For one of my clients I'm creating a highly scalable, globally distributed web application to display and edit some business choices used by internal #ETL document generators. The application runs on #AWS using #cognito as its user authentication mechanism. Did you know that callback script URLs for Cognito can't end in a slash? I didn't. If yours does, be prepared for a world of pain.

  3. For one of my clients I'm creating a highly scalable, globally distributed web application to display and edit some business choices used by internal #ETL document generators. The application runs on #AWS using #cognito as its user authentication mechanism. Did you know that callback script URLs for Cognito can't end in a slash? I didn't. If yours does, be prepared for a world of pain.

  4. For one of my clients I'm creating a highly scalable, globally distributed web application to display and edit some business choices used by internal #ETL document generators. The application runs on #AWS using #cognito as its user authentication mechanism. Did you know that callback script URLs for Cognito can't end in a slash? I didn't. If yours does, be prepared for a world of pain.

  5. For one of my clients I'm creating a highly scalable, globally distributed web application to display and edit some business choices used by internal #ETL document generators. The application runs on #AWS using #cognito as its user authentication mechanism. Did you know that callback script URLs for Cognito can't end in a slash? I didn't. If yours does, be prepared for a world of pain.

  6. Cognito supports secret rotation and custom secrets
    aws.amazon.com/about-aws/whats
    Previously, Cognito automatically generated all app client secrets. With this launch, in addition to the automatically generated secrets, you have the option to bring your own custom client secrets for new or existing app clients. Additionally, you can now rotate client secrets on-demand and maintain up to two active client secrets per app client.
    #AWS #Cognito

  7. Running multiple digital platforms without proper integration slows down your team.
    Cognito Consultants helps you connect Microsoft 365 with leading digital care tools for a smoother, faster, and more compliant workflow. Better coordination = better care delivery. Start your Digital Tools Integration with Cognito Consultants.
    #cognitoconsultants #Cognito #cognitoconsulting #digitalcaretools #CareHomeSoftware #birdie #passsystem #CareLineLive #Accessgroup #healthcaretechnology

  8. When every action is accountable, care becomes exceptional.
    Cognito Consultants helps healthcare organizations turn governance into growth — and compliance into confidence.

    #health #healthcareLeadership #governanceExcellence #cognito

  9. Another AWS footgun: Cognito custom attributes

    You can define extra attributes for users in user pools. Maybe you want to store information that is not covered by the standard attributes, such as social profiles or preferred currency.

    But there is a [catch](docs.aws.amazon.com/cognito/la):

    > You can't remove or change it after you add it to the user pool.

    I had to remove all users and recreate the user pool because of this (it was a personal dev environment fortunately).

    Why is it a big thing?

    * There is a limit of 50 custom attributes you can add. It's a finite resource
    * You use code to deploy your infrastructure? Now you can't rollback
    * Or you use clickops? Watch where you click as this is a one-way road

    To make things worse, it's practically impossible to replace a user pool. You don't have access to the passwords and the MFA secrets (which is a good thing) which means if you move users everything is reset for them. Including their `sub` (subject id) which might affect your databases.

    I'd stay very far away from using custom attributes.

    What's the better solution? You probably already has some backend with some database: use that to store any extra information about users.

    #aws #cognito

    Originally published [on my blog](advancedweb.hu/shorts/another-)

  10. Another AWS footgun: Cognito custom attributes

    You can define extra attributes for users in user pools. Maybe you want to store information that is not covered by the standard attributes, such as social profiles or preferred currency.

    But there is a [catch](docs.aws.amazon.com/cognito/la):

    > You can't remove or change it after you add it to the user pool.

    I had to remove all users and recreate the user pool because of this (it was a personal dev environment fortunately).

    Why is it a big thing?

    * There is a limit of 50 custom attributes you can add. It's a finite resource
    * You use code to deploy your infrastructure? Now you can't rollback
    * Or you use clickops? Watch where you click as this is a one-way road

    To make things worse, it's practically impossible to replace a user pool. You don't have access to the passwords and the MFA secrets (which is a good thing) which means if you move users everything is reset for them. Including their `sub` (subject id) which might affect your databases.

    I'd stay very far away from using custom attributes.

    What's the better solution? You probably already has some backend with some database: use that to store any extra information about users.

    #aws #cognito

    Originally published [on my blog](advancedweb.hu/shorts/another-)

  11. #Cognito adds enhanced context support for M2M authorization flows
    aws.amazon.com/about-aws/whats
    Consider an API service that needs different access patterns across dev and prod environments. Using ClientMetadata, you can now specify {"env": "dev"} or {"env": "prod"}. With Cognito's support for pre-token generation Lambda triggers, you can customize token scopes and add environment-specific claims like rate limits. The API can then examine these scopes and claims to enforce appropriate controls.
    #AWS

  12. Cognito supports access token customization for machine-to-machine (M2M) authorization flows
    aws.amazon.com/about-aws/whats
    Customers can now add custom attributes directly in access tokens, reducing the complexity of authorization logic needed in their application code. For example, customers can customize access tokens with claims that allow an app client for a reporting system to only read data while allowing an app client for a data processing service to both read and modify data.
    #AWS #Cognito