Our notes app needs to handle user accounts and authentication in a secure and reliable way. To do this we are going to use Amazon Cognito.

Amazon Cognito User Pool makes it easy for developers to add sign-up and sign-in functionality to web and mobile applications. It serves as your own identity provider to maintain a user directory. It supports user registration and sign-in, as well as provisioning identity tokens for signed-in users.

In this chapter, we are going to create a User Pool for our notes app.

Create User Pool

From your AWS Console, select Cognito from the list of services.

Select Amazon Cognito Service screenshot

Select Manage your User Pools.

Select Manage Your Cognito User Pools screenshot

Select Create a User Pool.

Select Create a Cognito User Pool screenshot

Enter Pool name and select Review defaults.

Fill in Cognito User Pool info screenshot

Select Create pool at the bottom of the page.

Select Create pool screenshot

Now that the User Pool is created. Take a note of the Pool Id and Pool ARN which will be required later.

Cognito User Pool Created Screenshot

Create App

Select Apps from the left panel.

Select Congito User Pool Apps Screenshot

Select Add an app.

Select Add An App Screenshot

Enter App name, un-select Generate client secret, select Enable sign-in API for server-based authentication, then select Create app.

  • Generate client secret: user pool apps with a client secret are not supported by JavaScript SDK. Need to un-select the option.
  • Enable sign-in API for server-based authentication: required by AWS CLI when managing the pool users via command line interface. We will be creating a test user through command line interface in the next chapter.

Fill Cognito User Pool App Info Screenshot

Now that the app is created. Take a note of the App client id which will be required in the later chapters.

Cognito User Pool App Created Screenshot

Now our Cognito User Pool is ready. It will maintain a user directory for our notes app. It will also be used to authenticate access to our API. Next let’s set up a test user within the pool.