How to add social (facebook/google etc.) authentication to user pool (not identity pool) without hosted UI?

[JurajBegovac]

Hi,

we're using Cognito userpool to create users (to perform authentication that we use on our BE - so to get access and refresh token) - it's working fine when adding a user with an email but I got stuck when I tried to achieve it with some social provider (e.g. Facebook).

As far as I know, adding a user with some social provider is possible only with HOSTED UI: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-social-idp.html

Why?

That's not native for Android - I don't want to launch a browser (or chrome custom tab or webview) to create a user with Facebook. Ideally, I would like to fetch Facebook token with Facebook SDK and pass that token to Cognito to create a user in user pool.

Also, I went through this sample: https://github.com/awslabs/aws-sdk-android-samples/tree/master/AmazonCognitoAuthDemo

and created auth like this:

 Auth.Builder builder = new Auth.Builder().setAppClientId(getString(R.string.cognito_client_id))
                .setAppClientSecret(getString(R.string.cognito_client_secret))
                .setAppCognitoWebDomain(getString(R.string.cognito_web_domain))
                .setApplicationContext(getApplicationContext())
                .setAuthHandler(new callback())
                .setSignInRedirect(getString(R.string.app_redirect))
                .setIdentityProvider("Facebook") // <--- !!! ADDED THIS
                .setSignOutRedirect(getString(R.string.app_redirect));

But that snippet is just opening an url with chrome custom tabs so - it doesn't look and feel natively and it works only if user has Chrome browser installed...

This issue is almost similar as https://github.com/aws-amplify/aws-sdk-android/issues/370 but that one is old and it was not resolved so I opened a new one.

Please can you answer if what I described is possible or we can take a look at other alternatives like Firebase (or is there a way to hack/fake identity pool to insert a user in user pool after doing federatedSignIn ?).

Thank you in advance

[TrekSoft]

Cognito currently doesn't support this but we are in touch with them about adding this functionality so will update as we find out more.

[RecargoJereld]

Any updates on this issue? Forcing a min sdk level of 23 prevents 15% of the Android audience from being able to use any apps that integrate Hosted UI.

[TrekSoft]

The original issue asked about here is on our roadmap for this year - it sounds like you're asking about a different one though with the min level SDK.

[RecargoJereld]

Thanks for the reply. That's great to know.

It was tangential comment about how if we want to use social sign in with Cognito User Pools we have to use Hosted UI which has the min sdk level requirement.

[TrekSoft]

Gotcha gotcha - yeah we have a separate issue open for that here which we plan to look into soon as well: https://github.com/aws-amplify/aws-sdk-android/issues/471

[rafcpz]

how can I access this sample? https://github.com/awslabs/aws-sdk-android-samples/tree/master/AmazonCognitoAuthDemo

[TrekSoft]

They changed the branch name so the link is now: https://github.com/awslabs/aws-sdk-android-samples/tree/main/AmazonCognitoAuthDemo

[kirillvasilenko]

Any updates on this issue?

[ShyamSampath]

Any updates on this issue?I have been looking for the update on similar issues for more than a year now and none of the issues got an update.

[taouichaimaa]

https://github.com/awslabs/aws-sdk-android-samples/tree/main/AmazonCognitoAuthDemo

Link is not working. Any possible demos ?

[Inshaki]

Any updates here?

[xaluxs]

Any news on this, I would not want to move to firebase and have two different mechanisms

[abdallahshaban557]

Hello everybody! Our team is working with the Amazon Cognito team to allow developers to build native social sign in experiences, without using HostedUI. We will provide further updates when we have clarity on our timelines.