-1

I have multiple applications such as:

  1. user.myappsite.com/app1
  2. user.myappsite.com/app2
  3. user.myappsite.com/app3

A user logs in using their cognito login on any given application. Problem is if they go to another application they have to log into that one as well. I'd like to use a token created at login to verify the user on other apps so they don't have to login multiple times.

I'm sure this is possible but not finding anything helpful through the docs or searching.

dcp3450
  • 10,959
  • 23
  • 58
  • 110

1 Answers1

0

Depends on how your app is constructed. The issue is you need to store the login state somewhere in your application. If you are using an SPA you need to use a store. If this app has a server involved you can use server side sessions.

In the case of a server whenever the user visits a page you need to verify that they have a valid session before proceeding.

In the case of an spa you only need to verify once when the page initially loads and prevent your app from rendering unless that token exist.

Keep in mind with an spa your apps insides are all exposed so make sure any sensitive information your app provides only comes from a place that verifies tokens first (like api gateway).

Presley Cobb
  • 100
  • 1
  • 8
  • Understandable. The biggest issue I'm having is how to make this request to AWS. The docs say a specific tokens can be used to verify but it doesn't explain how. – dcp3450 Sep 12 '22 at 14:37
  • You can use the aws sdk for this or aws amplify or look up the npm cognito package. There are lots of videos online about how to create a login system with cognito. – Presley Cobb Sep 20 '22 at 00:05