In this post, I will add my notes from using Identity as a Service offerings such as AWS Cognito, Okta, Auth0, etc.
Even with identity as a service, you still have to write complete user management by wrapping part of Cognito. Cognito reduces the work of token management, MFA, and storing user details such as IDs, and helps with defining IAM-based access to other AWS components.
AWS doesn't work in China, so use Okta, Tencent, or another service there. Another consideration: some enterprises do not want to use any cloud and want to keep everything on premises.
Do not treat Identity as a Service as user management, roles, etc. Identity as a Service is only one part of user account management.
GitHub references:
https://github.com/bis-hack/bishack.dev
Implements authentication against AWS Cognito the same way as the client browser does (so you don’t need the AWS IAM credentials to call the API).
https://github.com/dacz/cognitoclientgo
Go Blob Storage FTP Server
AWS, Go, Docker Blob Storage File Server
How do you expose static files in the cloud? Learn the architecture of containerized FTP Server built in GoLang. The FTP server will feature a Docker container, blob storage API access to AWS S3 and Cognito for OAuth authentication.
https://github.com/szahn/BlobStorageFtpServer
CLI tools to manage servers and secure connections to them; includes Cognito.
https://github.com/kochie/guardian
https://github.com/kochie/guardian/blob/master/template.yaml
https://github.com/leonidasroberto/Beta_cognito_GO
https://github.com/Khmer495/cognito_test_go_sdk
Cognito Auth is a Go package for authenticating with AWS Cognito from the command line, retrieving temporary, limited-privilege credentials for AWS Identity and Access Management (IAM).
https://github.com/skpr/cognito-auth
cmd.Login(app)
cmd.Logout(app)
cmd.GoogleLogin(app)
cmd.ForgotPassword(app)
cmd.ConsoleSignIn(app)
https://github.com/odvcencio/car-rental-admin-backend
This function handles exchanging the Auth flow token for valid IDP tokens from AWS Cognito
https://github.com/charles-d-burton/cognito-refresh
This application can be used to give users the ability to upload files to non-public buckets in AWS S3 without provisioning IAM credentials.
The application leverages AWS Cognito User and Identity pools to do so. This means a Cognito User Pool associated with an Identity pool is required, and the IDs of said resources should be passed to the parameters of the application.
https://github.com/mitchelldavis/s3fileuploader
// AWSCognito methods interface
type AWSCognito interface {
	Init() error
	SecretHash(string) string
	SignUp(string, string, string, string) (*cogIdp.SignUpOutput, error)
	SignIn(string, string) (*cogIdp.InitiateAuthOutput, error)
	GetUser(string) (*cogIdp.AdminGetUserOutput, error)
	ConfirmSignUp(string) (*cogIdp.ConfirmSignUpOutput, error)
	ValidateToken(string, map[string]JWKKey) error
	ForgotPassword(string) (*cogIdp.ForgotPasswordOutput, error)
	ConfirmForgotPassword(string, string, string) (*cogIdp.ConfirmForgotPasswordOutput, error)
	ChangePassword(string, string, string) (*cogIdp.ChangePasswordOutput, error)
}
A language-agnostic Cognito client for doing user authentication in your app with AWS Cognito. This project is a spin-off from one of my personal projects that have Web, iOS, and Android app clients. I thought this would be useful to those who have similar needs as my project.
https://github.com/rcholic/CognitoREST
AWS Cognito + Lambda(golang) + Dynamodb + React based chat application with WebRTC Video Calling support
https://github.com/praveen001/go-chat
Golang Authentication With AWS Cognito – Complete