Skip to main content

AWS Coginto Service Provider Set up

Authentication Service Providers enable you to use some implicit and authorization code grants. You could also use social providers on top of Federated / Identity providers to select other Social providers (e.g.: Twitter, Apple, GitHub, LinkedIn, WeChat etc.) that are not natively supported by us. Note: This will require you to register an app with the Authentication Service Providers.

This guide will help you to set up AWS Coginto service prvoider:

Set up AWS Cognito

If you haven't already, set up Auth0 for your project. It is the mandatory step before we proceed further. After the basic setup, we'll learn how to create a custom verifier for the Web3Auth project. Learn how to set up AWS Cognito.

Set up a Custom verifier

Create a AWS Cognito Verifier from the Custom Authentication tab of your Web3Auth Project.

  • Click on the Custom Authentication tab of your Web3Auth Project.

  • Click on the Create Verifier button.

  • Enter a name of your choice for the verifier identifier. eg. w3a-cognito-demo

  • Select Custom Providers from Choose a Login Provider section. Verifier Modal on Web3Auth Dashboard

  • JWKS Endpoint: Enter https://cognito-idp.{REGION}{USER_POOL_ID}/.well-known/jwks.json as the JWKS endpoint for the Cognito.

  • Now you have the option to paste a sample idToken(JWT) to get the fields for the JWT validation. This step is optional, but if you have a sample JWT you can paste it here to get the fields for the JWT validation. You can also skip this step and fill in the fields manually.

  • The following are the JWT validation fields needed for the Cognito JWT validation:

    • Type iss as a field and https://cognito-idp.{REGION}{USER_POOL_ID} as a value.
    • Next, type aud as a field and APP_CLIENT_ID as a value.

    Note: Replace the REGION, USER_POOL_ID and APP_CLIENT_ID with your Cognito specific details.

  • Next, Select Sub, Email or a Custom value from the dropdown for the JWT Verifier ID. This is the field that will be used as the verifier ID for the user, and it has to be unique for each user.

  • Finally, Click on the Create button to create your verifier.

Verifier Modal on Web3Auth Dashboard

It may take up to 10 minutes to deploy the verifier on sapphire_devnet. You'll receive an email once it's complete.


After you have set up AWS Cognito and the corresponding Custom verifier in the Web3Auth Dashboard, you can follow the guides to integrate it into your project. The support for using a custom verifier is not limited to the below SDKs and platforms. You can check out our SDK references to learn how to use a custom verifier.