aws-amplify / amplify-cli

The AWS Amplify CLI is a toolchain for simplifying serverless web and mobile development.
Apache License 2.0

Integrate Magic.Link within AWS Amplify ecosystem #8004

Open luisalrp opened 2 years ago

luisalrp commented 2 years ago

Is this related to a new or existing Amplify category?

auth

Is this related to another service?

Cognito

Describe the feature you'd like to request

Add Magic.Link as an OIDP.

Describe the solution you'd like

Use Magic.Link as an IdP to work with AWS Amplify, rely on AWS's powerful services to build on top, and use Magic.Link functionality for web3 approaches on the app client.

Describe alternatives you've considered

Custom Lambda Authorization via AppSync.

Additional context

I asked Nader Dabit on Twitter whether it would be possible to use Magic Link within AWS Amplify, and I received a lot of feedback from Nader, Ricardo and Arek.

I've been thinking, after reading the answers to the tweet, that Magic Link solves a lot of things for me, especially in the web3 universe, but it breaks good practices in user authentication using 2/3 of knowledge, possession and inherence.

Is this something that you'd be interested in working on?

attilah commented 2 years ago

@luisalrp could you describe in more detail the use case you'd like to be supported by Amplify CLI, describing which services would be involved, and which features of Magic.Link you would use and how, to help us get a better grasp of what you are trying to achieve?

I assigned this issue to our PM @renebrandel for visibility.

luisalrp commented 2 years ago

Sure. I'll try to explain it better, since I've been reading about it over the last few days.

I would like to use Magic Link as a federated identity because its solution is so powerful in the web3 world. Space in blockchains is really scarce and expensive, so for everything else related to the user that doesn't have to be in a blockchain, the cloud is perfect, and Amplify is even more perfect, since, from my understanding, you can create, configure and maintain complex solutions with small effort.

The ideal use case would be to add my users onboarded on Magic Link to a Cognito User Pool, so that they can then call GraphQL APIs to perform operations, and GraphQL itself is going to discriminate whether the user has the rights to perform them.

It would empower the user to almost be the owner of his data. It gives an amazing granularity. A normal user can only read/write/update his/her own data.

I have also asked about it in the Magic.Link Discord feedback channel, and they told me they will give it some thought and will also keep an eye on this issue.

To be honest, the more I read and think on the problem, the more difficult it seems to me.

Thanks @attilah @renebrandel !!!