cortezaproject / corteza

Low-code platform
https://cortezaproject.org
Apache License 2.0

Integrating AWS cognito with corteza #1889

Open piyushsharma21 opened 2 months ago

piyushsharma21 commented 2 months ago

Discussed in https://github.com/orgs/cortezaproject/discussions/1888

Originally posted by **piyushsharma21** August 21, 2024

Hello Corteza Team,

Thank you for developing such a fantastic product. I am currently working on integrating Corteza with our existing CRM system, which utilizes AWS Cognito for authentication. Could you please provide guidance on whether it is possible to integrate AWS Cognito with Corteza, and if so, how this can be achieved?

Thank you for your assistance.

Best regards,
Piyush Sharma

Fajfa commented 2 months ago

https://docs.cortezaproject.org/corteza-docs/2023.9/integrator-guide/authentication/authenticate-external/with-corteza.html#provider

This could be useful. I have no experience with AWS Cognito, but if it's just an auth client then it can probably be configured like this.

ChatGPT says it can help: https://chatgpt.com/share/da02adc4-3c77-4214-aea0-4b45569a1b81

piyushsharma21 commented 2 months ago

Hello @Fajfa, thanks for your response! I’m successfully using AWS Cognito for authentication, but when I use the Cognito access token for Corteza API calls (like reading records), I encounter an "invalid token" error. Could you please guide me on how to obtain a Corteza access token using Cognito?

Update: If you can suggest any other way (or share a sample curl) to get user-specific access and refresh tokens using an API call, that will be a great help. I tried grant type authorization_code, but I don't know how to use this in API calls.

tjerman commented 2 months ago

@piyushsharma21 can you use it as an OIDC?

To access stuff in Corteza, you'll need to use an access token issued by Corteza. If you want to use some external identity provider which we don't support out of the box, you'll need to configure an OIDC under /admin/system/settings in your admin web application.
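A quick way to see why an API that only trusts its own issuer answers "invalid token" to a token from another identity provider, as an added example that is not part of the original thread or of Corteza's code. It assumes the tokens are JWTs carrying an `iss` claim; the issuer URLs, the pool id and the helper names are placeholders made up for illustration.

```python
import base64
import json
import time
from typing import List, Optional


def _segment(obj: dict) -> str:
    """Encode a dict as one unpadded base64url JWT segment."""
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_sample_jwt(claims: dict) -> str:
    """Constructed sample token with a dummy signature; not a real credential."""
    return ".".join([_segment({"alg": "RS256", "typ": "JWT"}), _segment(claims), "c2ln"])


def triage_token(token: str, expected_issuer: str, now: Optional[float] = None) -> List[str]:
    """List reasons an API trusting only `expected_issuer` would reject `token`.

    Diagnostic only: claims are read WITHOUT signature verification, so the
    result must never be used to authorize anything.
    """
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a three-part JWT"]
    try:
        payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore padding
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return ["payload is not base64url-encoded JSON"]
    if not isinstance(claims, dict):
        return ["payload is not a JSON object"]
    reasons = []
    if claims.get("iss") != expected_issuer:
        reasons.append(f"issuer mismatch: {claims.get('iss')}")
    if claims.get("token_use") == "id":  # Cognito marks ID tokens this way
        reasons.append("ID token, not an access token")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        reasons.append("missing or expired exp")
    return reasons


# Placeholders (assumptions): substitute the issuers of your own deployment.
CORTEZA_ISS = "https://corteza.example.test"
COGNITO_ISS = "https://cognito-idp.eu-west-1.amazonaws.com/eu-west-1_EXAMPLE"

if __name__ == "__main__":
    cognito = make_sample_jwt({"iss": COGNITO_ISS, "token_use": "access", "exp": 2_000_000_000})
    print(triage_token(cognito, CORTEZA_ISS))
```

A token that passes this triage can still be rejected, because the receiving API also verifies the signature against its own keys.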

piyushsharma21 commented 2 months ago

Hi @tjerman, thanks for replying,

Yes, I’m currently using an OIDC setup. My other application also uses AWS Cognito (with the same user pool and client as Corteza). I’m exploring a way to generate Corteza tokens using Cognito, so I can streamline token management and avoid handling multiple tokens.

Additionally, could you suggest a way to terminate a Corteza user session upon logout using the API?

tjerman commented 2 months ago

> I’m exploring a way to generate Corteza tokens using Cognito

If you've set Cognito as an OIDC then there isn't much extra work to do -- the user clicks on the correct button in the login screen and then tokens are created automagically.

> Additionally, could you suggest a way to terminate a Corteza user session upon logout using API

hm hm hm can't recall the endpoint so probably best you check the network tab and see what requests are sent when you click the logout button.

github-actions[bot] commented 4 days ago

Stale issue message