Custom Cognito identity and user pool

webiny / webiny-js

Open-source serverless enterprise CMS. Includes a headless CMS, page builder, form builder, and file manager. Easy to customize and expand. Deploys to AWS.

https://www.webiny.com

Other

7.23k stars 590 forks source link

Custom Cognito identity and user pool #2688

Open JamesMillerBlog opened 1 year ago

JamesMillerBlog commented 1 year ago

Hi there

I’ve come across Webiny and it looks very exciting.

Core question for me, is if I wanted to use Webiny CMS with all it features, but wanted to use an existing cognito identity and user pool (instead of the one generated by Webiny via Pulumi) is this possible?

If so, could you please point me to an example of how exactly I can swap in my own cognito identity and user pool envs into Webinys configuration?

Could you also please clarify when in the set up process this would need to happen?

Lastly, is there any particular configuration of cognito itself that needs to be taken into account if I am to use my own custom cognito details?

Thanks James

Pavel910 commented 1 year ago

Hi @JamesMillerBlog, your requirement popped up a few times in the past, but we never got to trying it out. Just want to mention that our user pool is only used in the admin app for "admin" users. For custom frontend apps, you'll need to have a separate user pool. So I'm curious, do you need to use your own user pool for Webiny admin app, or as a pool of your app users? (like webshop, or what have you).

Short answer: out of the box, providing your own user pool for the Admin app is not possible, yet. There's more to it than just Pulumi definition, so right now we're not focusing on making it possible.

JamesMillerBlog commented 1 year ago

Hey @Pavel910 thanks for your fast reply and sorry for my slow one!

For my use case:

I'd like a 'standard' user to log into my web app (jwt is generated when they login via cognito), they can then use that jwt to authenticate against my apps back end lambda functions to retrieve appropriate data.
I'd also like an 'admin user' to also be able to log into my web app, and authenticate with the backend same as above, but as they are an 'admin' they can then see additional functionality that I'd program (e.g see links to take them to the webiny cms)

Basically if I can get Webiny to use my existing cognito pool (which I'd happily make config adjustments as necessary for it to work), then that would be ideal as the CMS and Web app have the same user authentication.

Thank again for your longer and shorter answer, was very helpful!!

Fingers crossed you guys get around to implementing this some time :)

Pavel910 commented 1 year ago

@JamesMillerBlog we'll keep this requirement in mind, thanks for providing insights into your requirements, it helps us plan the implementation 👍