search

awslabs / amazon-kinesis-video-streams-webrtc-sdk-android

Android SDK for interfacing with Amazon Kinesis Video Streams Signaling Service.
Apache License 2.0
58 stars 37 forks source link

the Cognito authentication for this sdk #83

Closed bravepiper closed 1 year ago

bravepiper commented 1 year ago

I'd like to know the authentication way for this sdk, besides Cognito, can app use access key id and session token to connect to kvs too? if so, is there sample or document to guide how to do?

Thanks

bravepiper commented 1 year ago

Any suggestion for this? thanks

sirknightj commented 1 year ago

Here are the credential providers available in the AWS SDK for Android: JavaDoc.

We only recommend using Cognito with mobile applications, which fetches and refreshes temporary AWS credentials for your account, and the SDK uses those Access Key, Secret Key, and Session Token for accessing the KVS APIs.

https://github.com/awslabs/amazon-kinesis-video-streams-webrtc-sdk-android/blob/c5c37a4010d388411d02e771ae5649769a5ba69b/src/main/java/com/amazonaws/kinesisvideo/demoapp/activity/WebRtcActivity.java#L807-L812

There's an AWS article that you may want to check out here which explains vulnerabilities in your application if permanent non-rotating iam credentials were to be used.