Skip to main content

AWS Coginto Service Provider Set up

AWS Cognito allows you to easily add authentication to your application. Web3Auth supports AWS Cognito as a service provider. You can create a verifier for AWS Cognito and integrate it into your application. This page will help you set up AWS Cognito as a service provider with Web3Auth.

Take a look at the supported social logins on AWS Cognito

Create an AWS Cognito Application

If you haven't already, create an AWS Cognito application for your project. It is the mandatory step before we proceed further. After the basic setup, we'll learn how to create an AWS Cognito verifier for the Web3Auth project.

Learn how to set up AWS Cognito.

Create an AWS Cognito Verifier

Create a AWS Cognito Verifier from the Custom Authentication tab of your Web3Auth Project.

  • Click on the Custom Authentication tab of your Web3Auth Project.

  • Click on the Create Verifier button.

  • Enter a name of your choice for the verifier identifier. eg. w3a-cognito-demo

  • Select Custom Providers from Choose a Login Provider section. Verifier Modal on Web3Auth Dashboard

  • JWKS Endpoint: Enter https://cognito-idp.{REGION}.amazonaws.com/{USER_POOL_ID}/.well-known/jwks.json as the JWKS endpoint for the Cognito.

  • Now you have the option to paste a sample idToken(JWT) to get the fields for the JWT validation. This step is optional, but if you have a sample JWT you can paste it here to get the fields for the JWT validation. You can also skip this step and fill in the fields manually.

  • The following are the JWT validation fields needed for the Cognito JWT validation:

    • Type iss as a field and https://cognito-idp.{REGION}.amazonaws.com/{USER_POOL_ID} as a value.
    • Next, type aud as a field and APP_CLIENT_ID as a value.

    Note: Replace the REGION, USER_POOL_ID and APP_CLIENT_ID with your Cognito specific details.

  • Next, Select Sub, Email or a Custom value from the dropdown for the JWT Verifier ID. This is the field that will be used as the verifier ID for the user, and it has to be unique for each user.

  • Finally, Click on the Create button to create your verifier.

Verifier Modal on Web3Auth Dashboard

It typically takes 5-10 minutes for the verifier to go live. Once deployed & live, you'll receive an email and the dashboard will display the 'Live' status for the verifier.

Explore Guides

Once you have set up an AWS Cognito application and the corresponding verifier in the Web3Auth dashboard, you can use the available guides to integrate it into your project. The ability to use a custom verifier is not restricted to specific SDKs and platforms. You can refer to our SDK references to understand how to utilize a custom verifier.