Federated identities / Sign in (Not Hosted UI).

[funwithflutter]

Not sure if this is an Amplify limitation or missing feature on Amplify Flutter. New to Amplify so excuse any misconceptions.

The following article suggests it's an API limitation: https://medium.com/@wesselsbernd/some-aws-cognito-appsync-details-as-of-may-2019-247c8531f600

This issue also showed a lot of interest in this: #182

Flutter Firebase supports third party identity sign in with signInWithCredentials. Is there something similar for Amplify? Using the Hosted UI is not idea from a native perspective. Showing the browser popup is rather invasive.

If there is no schedule for this I think it would be great if examples are provided in the docs showing how we can integrate a native sign in flow (not Hosted UI). Or at least point other people who stumble on this issue in the right direction with regards to the relevant API/Docs.

Alternatively, maybe the Hosted UI browser can be better integrated/hidden.

[haverchuck]

@funwithflutter Thanks for posting this! I am marking this as a feature request (both for the doc update and the functionality). Just to clarify - if we used a signInWithCredentials-like API, would it be acceptable for your use case to require a Cognito Identity Pool to provision the AWS credentials?

[funwithflutter]

@haverchuck Thanks for the quick reply! Any solution would be great. But do you mind explaining what that flow would be like, or what it would require to get working from a developers side?

What I have at this stage is only a User Pool with my required identity providers enabled (Apple/Google) - this was created manually. But I see that running the amplify CLI to generate a new project creates a User Pool and Identity Pool.

This where my lack of Cognito knowledge comes in. I'm missing what the Amplify CLI does to integrate User Pools and Identity Pools, or in general how the two work together and when to use which.

[haverchuck]

@funwithflutter The difference between Cognito User Pools and Identity Pools can sometimes be difficult to wrap your head around, so don't feel bad. Personally I've often found this article to be a helpful read. (Don't take that as an official AWS endorsement!)

As far as I know, the way to accompish your use case would be to use identity pool federation which we don't currently support directly through Flutter, but we will be looking into this further.

[funwithflutter]

Great thanks, the link you sent was helpful. I've also gone through the Cognito documentation, so I have a better understanding. My misconception was that I expected Identity Pool to talk back to User Pool. Or that there is some way to sync the two together (if that makes sense). But it makes more sense to have Identity Pool as the source of truth and enable User Pool and whatever other sign in identity you want on the Identity Pool.

For anyone else reading this, here is an article (from the same series linked above) showing how to use Facebook with Identity Providers.

What also got me confused was this video: https://www.youtube.com/watch?v=oOlwgJyO0is&t=1335s

It's timestamped to the correct location, where he suggests using lamdas to validate the third party identity and creating your own flow with User Pools. But this seems hacky.

Anyway, yeah having Flutter support for identity pool federation would be great! Along with some examples in the docs, maybe showing the important providers (Apple for iOS and Google for Android). Thanks again! I'm also more than willing to help if needed, as having a "native" sign in experience will be a must have requirement for the project I'm working on within the next couple of months.

[raph]

I think this limitation is the main reason flutter developers are going to firebase over amplify. The main advantage of having social auth and signup is the decreased friction on signup. That advantage is non-existent without this feature. This is a dealbreaker for amplify. As a product manager, its hard to understand how this is not on the roadmap for the amplify-flutter team.

[MohammedNoureldin]

@raph Totally agree, This is absolutely a very important feature.

I am working on a project, and seriously thinking about switching to Firebase because of lacking this (at least if it is not coming soon).

@haverchuck Is there any official statement if we are gonna get a more user-friendly auth methods any soon? I guess any milestone entry would give us the ability to plan for the future. Thank you!

[yadisnel]

No news here?

[stevegcc]

Also seriously considering switching a new project from Amplify to Firebase due to this. As @MohammedNoureldin mentioned, there if there was an official statement that this will go ahead I'll stick with Amplify and update my implementation in the future, otherwise Firebase is likely to win out here.

[padaszewski]

Any updates on this? Considering this one as a game changer.

[look1n]

Would love to see this in amplify-flutter. Any updates?

[hiru-vn]

Please support this feature

[RobskiV]

Any updates?

[matthewfx]

Hey AWS team. Could you please let us know if and when we can expect this to be done? It is a weird experience that Google/Apple sign-in has to be done through a web UI and we've been experiencing drop-offs because of it. I think that should be very high on your priority list. Thank you in advance for any updates on it.

[haverchuck]

Closing this issue as a duplicate of #182. We understand this is an important feature, and want to track it under one issue.

[dnys1]

Reopening to track direct federation into user pools.

Federation into identity pools is available in Amplify Flutter as mentioned here.

[rasmus-rudling]

@dnys1 @Jordan-Nelson any idea how long it will take to not be required to use the web UI? As others have mentioned before, we're also considering switching over to Firebase for our Flutter app if this won't be fixed in the near future as it's too off-brand to go with the web UI.

[abdallahshaban557]

Hi @rasmus-rudling - we do not have an exact timeline yet, but we are discussing this as a high priority item with the Cognito team. We will provide an update when we have next steps identified.

[lerpof]

Hello @rasmus-rudling is there any news about it? I need to authenticate user within the application with a custom Federated identity provider. Thank you!