AWS Mobile
Developer Guide

Add User Sign-in to Your Mobile App with Amazon Cognito

Android - JavaAndroid - KotliniOS - Swift
Android - Java

Enable your users to sign in using credentials from Facebook, Google, or your own custom user directory. The CLI deploys Amazon Cognito identity pool and user pools to create your backend.

Android - Kotlin

Enable your users to sign in using credentials from Facebook, Google, or your own custom user directory. The CLI deploys Amazon Cognito identity pool and user pools to create your backend.

iOS - Swift

Enable your users to sign-in using credentials from Facebook, Google, or your own custom user directory. The CLI deploys Amazon Cognito identity pool and user pools to create your backend.

Set Up Your Backend

Prerequisite Complete the Get Started steps before you proceed.

Email & PasswordFacebookGoogle
Email & Password

This default auth configuration sets up a custom user pool for your app.

To set up email and password sign-in

  1. In a terminal window, navigate to the root of your app files and add the auth category to your app. The CLI will prompt you for configuration parameters.

    Android - JavaAndroid - KotliniOS - Swift
    Android - Java

    Navigate to your project folder (the folder that typically contains your project level build.gradle), and add the SDK to your app.

    $ cd ./YOUR_PROJECT_FOLDER $ amplify add auth
    Android - Kotlin

    Navigate to your project folder (the folder that typically contains your project level build.gradle), and add the SDK to your app.

    $ cd ./YOUR_PROJECT_FOLDER $ amplify add auth
    iOS - Swift

    Navigate to your project folder (the folder that contains your app .xcodeproj file), and add the SDK to your app.

    $ cd ./YOUR_PROJECT_FOLDER $ amplify add auth
  2. Choose the default configuration.

    ❯ Yes, use the default configuration.
  3. When configuration for email and password sign-in is complete, a message appears confirming that you have configured local CLI metadata for this category. You can confirm this by viewing status.

    $ amplify push | Category | Resource name | Operation | Provider plugin | | -------- | --------------- | --------- | ----------------- | | Auth | cognitoabcd0123 | Create | awscloudformation |
  4. To create your backend AWS resources run the following:

    amplify push
  5. Follow the Set up Email & Password Login steps to connect to your backend from your app.

Facebook

To set up Facebook sign-in

  1. In a terminal window, navigate to the root of your app files and add the auth category to your app. The CLI prompts you for configuration parameters.

    $ cd ./YOUR_APP_ROOT $ amplify add auth
  2. Choose to set up your own configuration.

    ❯ No, I will set up my own configuration.
  3. Choose to set up authentication flow using AWS IAM access controls.

    ❯ User Sign-Up, Sign-In, connected with AWS IAM controls
  4. Choose yes, to: ? Allow unauthenticated logins?.

  5. Choose yes, to: ? Do you want to enable 3rd party authentication providers in your identity pool?.

  6. Choose Facebook and then provide your Facebook app ID. To retrieve or create your Facebook app ID, see Setting Up Facebook Authentication..

  7. When configuration for Facebook sign-in is complete, the CLI displays a message confirming that you have configured local CLI metadata for this category. You can confirm this by viewing status.

    $ amplify status | Category | Resource name | Operation | Provider plugin | | --------- | --------------- | --------- | ----------------- | | Auth | cognitoa7cbb553 | Create | awscloudformation |
  8. To create your backend AWS resources run the following:

    amplify push
  9. Follow the steps at Set Up Facebook Login to connect to your backend from your app.

Google

To set up Google sign-in

  1. In a terminal window, navigate to the root of your app files and add the auth category to your app. The CLI prompts you for configuration parameters.

    $ cd ./YOUR_APP_ROOT $ amplify add auth
  2. Choose to set up your own configuration.

    ❯ No, I will set up my own configuration.
  3. Choose to set up authentication flow using AWS IAM access controls.

    ❯ User Sign-Up, Sign-In, connected with AWS IAM controls ...
  4. Choose yes, to: ? Allow unauthenticated logins?.

  5. Choose yes, to: ? Do you want to enable 3rd party authentication providers in your identity pool?.

  6. Choose Google and then provide your Google client ID. To retrieve or create your Google app ID, see Setting Up Google Authentication..

  7. When configuration for Google sign-in is complete, the CLI displays a message confirming that you have configured local CLI metadata for this category. You can confirm this by viewing status.

    $ amplify status | Category | Resource name | Operation | Provider plugin | | --------- | --------------- | --------- | ----------------- | | Auth | cognitoa7cbb553 | Create | awscloudformation |
  8. To create your backend AWS resources run the following:

    amplify push
  9. Follow the steps at Set Up Google Login to connect to your backend from your app.

Note that the CLI allows you to select more than one identity provider for your app. You can also run amplify auth update to add an identity provider to an existing auth configuration.

Set Up Email and Password Login in Your Mobile App

Choose your platform:

Android - JavaAndroid - KotliniOS - Swift
Android - Java

Use Android API level 23 or higher

The AWS Mobile SDK library for Android sign-in (aws-android-sdk-auth-ui) provides the activity and view for presenting a SignInUI for the sign-in providers you configure. This library depends on the Android SDK API Level 23 or higher.

  1. Add the following permissions to the AndroidManifest.xml file:

    <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  2. Add the following dependencies to the app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK implementation ('com.amazonaws:aws-android-sdk-mobile-client:2.7.+@aar') { transitive = true } // Cognito UserPools for SignIn implementation 'com.android.support:support-v4:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-userpools:2.7.+@aar') { transitive = true } // Sign in UI Library implementation 'com.android.support:appcompat-v7:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-ui:2.7.+@aar') { transitive = true } } Note: When you add the dependencies, make sure that the major version of appcompat and support libraries match. In the previous example, we're using version 24.
  3. Create an activity that will present your sign-in screen.

    In Android Studio, choose File > New > Activity > Basic Activity and type an activity name, such as AuthenticatorActivity. If you want to make this your starting activity, move the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  4. Update the onCreate function of your AuthenticatorActivity to call AWSMobileClient. This component provides the functionality to resume a signed-in authentication session. It makes a network call to retrieve the AWS credentials that allow users to access your AWS resources and registers a callback for when that transaction is complete.

    If the user is already signed in, the app switches to the NextActivity. If the user isn't signed in, the user is presented with the AWS Mobile configurable sign-in UI. After the user is authenticated, the app continues to the NextActivity.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; public class AuthenticatorActivity extends Activity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_authenticator); // Add a call to initialize AWSMobileClient AWSMobileClient.getInstance().initialize(this, new AWSStartupHandler() { @Override public void onComplete(AWSStartupResult awsStartupResult) { SignInUI signin = (SignInUI) AWSMobileClient.getInstance().getClient( AuthenticatorActivity.this, SignInUI.class); signin.login( AuthenticatorActivity.this, NextActivity.class).execute(); } }).execute(); } }

Choose the run icon () in Android Studio to build your app and run it on your device/emulator. You should see the ready made sign-in UI for your app. Check out the next steps to learn how to customize your UI.

API References

  • AWSMobileClient

    A library that initializes the SDK, constructs CredentialsProvider and AWSConfiguration objects, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper library for Amazon Cognito user pools that provides a managed email/password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito federated identities, caches the federated AWS credentials, and handles the sign-in flow.

Android - Kotlin

Use Android API level 23 or higher

The AWS Mobile SDK library for Android sign-in (aws-android-sdk-auth-ui) provides the activity and view for presenting a SignInUI for the sign-in providers you configure. This library depends on the Android SDK API Level 23 or higher.

  1. Add the following permissions to the AndroidManifest.xml file:

    <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  2. Add the following dependencies to the app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK implementation ('com.amazonaws:aws-android-sdk-mobile-client:2.7.+@aar') { transitive = true } // Cognito UserPools for SignIn implementation 'com.android.support:support-v4:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-userpools:2.7.+@aar') { transitive = true } // Sign in UI Library implementation 'com.android.support:appcompat-v7:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-ui:2.7.+@aar') { transitive = true } } Note: When you add the dependencies, make sure that the major version of appcompat and support libraries match. In the previous example, we're using version 24.
  3. Create an activity that will present your sign-in screen.

    In Android Studio, choose File > New > Activity > Basic Activity and type an activity name, such as AuthenticatorActivity. If you want to make this your starting activity, move the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  4. Update the onCreate function of your AuthenticatorActivity to call AWSMobileClient. This component provides the functionality to resume a signed-in authentication session. It makes a network call to retrieve the AWS credentials that allows users to access your AWS resources and registers a callback for when that transaction is complete.

    If the user is already signed in, the app switches to the NextActivity. If the user isn't signed in, the user is presented with the AWS Mobile configurable sign-in UI. After the user is authenticated, the app continues to the NextActivity.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; class AuthenticatorActivity : Activity() { override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) AWSMobileClient.getInstance().initialize(this) { val signInUI = AWSMobileClient.getInstance().getClient( this@AuthenticatorActivity, SignInUI::class.java) as SignInUI? signInUI?.login( this@AuthenticatorActivity, MainActivity::class.java)?.execute() }.execute() }

Choose the run icon () in Android Studio to build your app and run it on your device/emulator. You should see the ready made sign-in UI for your app. Check out the next steps to learn how to customize your UI.

API References

  • AWSMobileClient

    A library that initializes the SDK, constructs CredentialsProvider and AWSConfiguration objects, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper library for Amazon Cognito user pools that provides a managed email/password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito federated identities, caches the federated AWS credentials, and handles the sign-in flow.

iOS - Swift
  1. Add the following dependencies in your project's Podfile:

    platform :ios, '9.0' target :'YOUR-APP-NAME' do use_frameworks! pod 'AWSUserPoolsSignIn', '~> 2.6.13' pod 'AWSAuthUI', '~> 2.6.13' pod 'AWSMobileClient', '~> 2.6.13' # other pods end
  2. Pull the SDK libraries into your local repo as follows:

    pod install --repo-update

    If you encounter an error message that begins "[!] Failed to connect to GitHub to update the CocoaPods/Specs . . .", and your internet connectivity is working, you may need to update openssl and Ruby.

  3. Create a AWSMobileClient and initialize the SDK.

    Add code to create an instance of AWSMobileClient in the application:open url function of your AppDelegate.swift, to resume a previously signed-in authenticated session.

    Then add another instance of AWSMobileClient in the didFinishLaunching function to register the sign-in providers, and to fetch Amazon Cognito credentials that AWS will use to authorize access when the user signs in.

    import UIKit import AWSMobileClient @UIApplicationMain class AppDelegate: UIResponder, UIApplicationDelegate { // Add an AWSMobileClient call in application:open url func application(_ application: UIApplication, open url: URL, sourceApplication: String?, annotation: Any) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, open: url, sourceApplication: sourceApplication, annotation: annotation) } // Add an AWSMobileClient call in application:didFinishLaunching func application( _ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool { // Other code for application startup here. return AWSMobileClient.sharedInstance().interceptApplication( application, didFinishLaunchingWithOptions: launchOptions) } // Other functions in AppDelegate . . . }
  4. Make sure you have a UINavigationController in your app to use the sign-in UI. The sign-in UI uses the UINavigationController as an anchor to perform all the transitions. Learn more about using UINavigationController.

  5. Implement your sign-in UI by calling the library provided in the SDK.

    import UIKit import AWSAuthCore import AWSAuthUI class SampleViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() // Call the showSignIn method from your `viewDidLoad` method // The showSignIn() method will check if the user is logged in, // and if the user is not logged in, it will present a sign-in UI using the navigation controller the view is part of. showSignIn() } func showSignIn() { if !AWSSignInManager.sharedInstance().isLoggedIn { AWSAuthUIViewController .presentViewController(with: self.navigationController!, configuration: nil, completionHandler: { (provider: AWSSignInProvider, error: Error?) in if error != nil { print("Error occurred: \(String(describing: error))") } else { // Sign in successful. } }) } } }

Choose the run icon () in the top left of the Xcode window or type -R to build and run your app. You should see our pre-built sign-in UI for your app. Check out the next steps to learn how to customize your UI.

API References

  • AWSMobileClient

    A library that initializes the SDK, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper Library for Amazon Cognito UserPools that provides a managed Email/Password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito Federated Identities, caches the federated AWS credentials, and handles the sign-in flow.

Set Up Facebook Login in Your Mobile App

Android - JavaAndroid - KotliniOS - Swift
Android - Java

Use Android API level 23 or higher

The AWS Mobile SDK library for Android sign-in (aws-android-sdk-auth-ui) provides the activity and view for presenting a SignInUI for the sign-in providers you configure. This library depends on the Android SDK API Level 23 or higher.

  1. Add or update your AWS backend configuration file to incorporate your new sign-in. For details, see the last steps in the Get Started: Set Up Your Backend section.

  2. Add the following permissions and Activity to your AndroidManifest.xml file:

    <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
    <activity android:name="com.facebook.FacebookActivity" android:exported="true"> <intent-filter> <action android:name="android.intent.action.VIEW" /> <category android:name="android.intent.category.DEFAULT" /> <category android:name="android.intent.category.BROWSABLE" /> <data android:scheme="@string/fb_login_protocol_scheme" /> </intent-filter> </activity>
    <meta-data android:name="com.facebook.sdk.ApplicationId" android:value="@string/facebook_app_id" />
  3. Add the following dependencies to your app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK implementation ('com.amazonaws:aws-android-sdk-mobile-client:2.7.+@aar') { transitive = true } // Facebook SignIn implementation 'com.android.support:support-v4:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-facebook:2.7.+@aar') { transitive = true } // Sign in UI implementation 'com.android.support:appcompat-v7:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-ui:2.7.+@aar') { transitive = true } } Note: When you add the dependencies, make sure that the major version of appcompat and support libraries match. In the previous example, we're using version 24.
  4. In strings.xml, add string definitions for your Facebook app ID and login protocol scheme. The value for app_id is your Facebook app ID and the value for logic_protocol_scheme should be your Facebook app ID prefixed with fb.

    <string name="facebook_app_id">1231231231232123123</string> <string name="fb_login_protocol_scheme">fb1231231231232123123</string>
  5. Create an activity that will present your sign-in screen.

    In Android Studio, choose File > New > Activity > Basic Activity and type an activity name, such as AuthenticatorActivity. If you want to make this your starting activity, move the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  6. Update the onCreate function of your AuthenticatorActivity to call AWSMobileClient. This component provides the functionality to resume a signed-in authentication session. It makes a network call to retrieve the AWS credentials that allow users to access your AWS resources and registers a callback for when that transaction is complete.

    If the user is already signed in, the app switches to the NextActivity. If the user is not signed in, the user is presented with the AWS Mobile configurable sign-in UI. After the user is authenticated, the app continues to the NextActivity.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; public class AuthenticatorActivity extends Activity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_authenticator); // Add a call to initialize AWSMobileClient AWSMobileClient.getInstance().initialize(this, new AWSStartupHandler() { @Override public void onComplete(AWSStartupResult awsStartupResult) { SignInUI signin = (SignInUI) AWSMobileClient.getInstance().getClient(AuthenticatorActivity.this, SignInUI.class); signin.login(AuthenticatorActivity.this, NextActivity.class).execute(); } }).execute(); } }

Choose the run icon () in Android Studio to build your app and run it on your device/emulator. You should see the ready made sign-in UI for your app. Check out the next steps to learn how to customize your UI.

API References

  • AWSMobileClient

    A library that initializes the SDK, constructs CredentialsProvider and AWSConfiguration objects, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper library for Amazon Cognito user pools that provides a managed email/password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito federated identities, caches the federated AWS credentials, and handles the sign-in flow.

Android - Kotlin

Use Android API level 23 or higher

The AWS Mobile SDK library for Android sign-in (aws-android-sdk-auth-ui) provides the activity and view for presenting a SignInUI for the sign-in providers you configure. This library depends on the Android SDK API Level 23 or higher.

  1. Add or update your AWS backend configuration file to incorporate your new sign-in. For details, see the last steps in the Get Started: Set Up Your Backend section.

  2. Add the following permissions and Activity to your AndroidManifest.xml file:

    <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
    <activity android:name="com.facebook.FacebookActivity" android:exported="true"> <intent-filter> <action android:name="android.intent.action.VIEW" /> <category android:name="android.intent.category.DEFAULT" /> <category android:name="android.intent.category.BROWSABLE" /> <data android:scheme="@string/fb_login_protocol_scheme" /> </intent-filter> </activity>
    <meta-data android:name="com.facebook.sdk.ApplicationId" android:value="@string/facebook_app_id" />
  3. Add the following dependencies to your app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK implementation ('com.amazonaws:aws-android-sdk-mobile-client:2.7.+@aar') { transitive = true } // Facebook SignIn implementation 'com.android.support:support-v4:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-facebook:2.7.+@aar') { transitive = true } // Sign in UI implementation 'com.android.support:appcompat-v7:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-ui:2.7.+@aar') { transitive = true } }
  4. In strings.xml, add string definitions for your Facebook app ID and login protocol scheme. The value for app_id is your Facebook app ID and the value for logic_protocol_scheme should be your Facebook app ID prefixed with fb.

    <string name="facebook_app_id">1231231231232123123</string> <string name="fb_login_protocol_scheme">fb1231231231232123123</string>
  5. Create an activity that will present your sign-in screen.

    In Android Studio, choose File > New > Activity > Basic Activity and type an activity name, such as AuthenticatorActivity. If you want to make this your starting activity, move the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  6. Update the onCreate function of your AuthenticatorActivity to call AWSMobileClient. This component provides the functionality to resume a signed-in authentication session. It makes a network call to retrieve the AWS credentials that allow users to access your AWS resources and registers a callback for when that transaction is complete.

    If the user is already signed in, the app switches to the NextActivity. If the user is not signed in, the user is presented with the AWS Mobile configurable sign-in UI. After the user is authenticated, the app continues to the NextActivity.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; class AuthenticatorActivity : Activity() { override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) AWSMobileClient.getInstance().initialize(this) { val signInUI = AWSMobileClient.getInstance().getClient( this@AuthenticatorActivity, SignInUI::class.java) as SignInUI? signInUI?.login( this@AuthenticatorActivity, MainActivity::class.java)?.execute() }.execute() }

Choose the run icon () in Android Studio to build your app and run it on your device/emulator. You should see the ready-made sign-in UI for your app. Check out the next steps to learn how to customize your UI.

API References

  • AWSMobileClient

    A library that initializes the SDK, constructs CredentialsProvider and AWSConfiguration objects, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper library for Amazon Cognito user pools that provides a managed email/password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito federated identities, caches the federated AWS credentials, and handles the sign-in flow.

iOS - Swift
  1. Add or update your AWS backend configuration file to incorporate your new sign-in. For details, see the last steps in the Get Started: Set Up Your Backend section.

  2. Add the following dependencies in your project's Podfile.

    platform :ios, '9.0' target :'YOUR-APP-NAME' do use_frameworks! pod 'AWSMobileClient', '~> 2.6.13' pod 'AWSFacebookSignIn', '~> 2.6.13' pod 'AWSUserPoolsSignIn', '~> 2.6.13' pod 'AWSAuthUI', '~> 2.6.13' # other pods end

    Run pod install --repo-update.

    If you encounter an error message that begins "[!] Failed to connect to GitHub to update the CocoaPods/Specs . . .", and your internet connectivity is working, you may need to update openssl and Ruby.

  3. Add Facebook meta data to Info.plist.

    To configure your Xcode project to use Facebook Login, right-choose Info.plist and then choose Open As > Source Code.

    Add the following entry, using your project name, Facebook ID and login scheme ID.

    <plist version="1.0"> <dict> <!-- YOUR OTHER PLIST ENTRIES HERE --> <!-- START OF FACEBOOK PLIST ENTRIES HERE --> <!-- 0123456789012345 BELOW IS EQUIVALENT TO YOUR APP ID --> <key>FacebookAppID</key> <string>0123456789012345</string> <key>FacebookDisplayName</key> <string>YOUR-PROJECT-NAME</string> <key>LSApplicationQueriesSchemes</key> <array> <string>fbapi</string> <string>fb-messenger-api</string> <string>fbauth2</string> <string>fbshareextension</string> </array> <!-- END OF FACEBOOK PLIST ENTRIES HERE --> <!-- ADD AN ENTRY TO CFBundleURLTypes for Facebook --> <!-- IF YOU DO NOT HAVE CFBundleURLTypes, YOU CAN COPY THE WHOLE BLOCK BELOW --> <key>CFBundleURLTypes</key> <array> <dict> <key>CFBundleURLSchemes</key> <array> <string>fb0123456789012345</string> </array> </dict> </array> <!-- ... --> </dict>
  4. Create a AWSMobileClient and initialize the SDK.

    Add code to create an instance of AWSMobileClient in the application:open url function of your AppDelegate.swift, to resume a previously signed-in authenticated session.

    Then add another instance of AWSMobileClient in the didFinishLaunching function to register the sign in providers, and to fetch an Amazon Cognito credentials that AWS will use to authorize access once the user signs in.

    import UIKit import AWSMobileClient @UIApplicationMain class AppDelegate: UIResponder, UIApplicationDelegate { // Add an AWSMobileClient call in application:open url func application(_ application: UIApplication, open url: URL, sourceApplication: String?, annotation: Any) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, open: url, sourceApplication: sourceApplication, annotation: annotation) } // Add an AWSMobileClient call in application:didFinishLaunching func application( _ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, didFinishLaunchingWithOptions: launchOptions) } // Other functions in AppDelegate . . . }
  5. Make sure you have a UINavigationController in your app to use the sign-in UI. The sign-in UI uses the UINavigationController as an anchor to perform all the transitions.

Learn more about using UINavigationController.

  1. Implement your sign-in UI by calling the library provided by the SDK.

    import UIKit import AWSAuthCore import AWSAuthUI class SampleViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() // Call the showSignIn method from your `viewDidLoad` method // The showSignIn() method will check if the user is logged in, // and if the user is not logged in, it will present a sign-in UI using the navigation controller the view is part of. showSignIn() } func showSignIn() { if !AWSSignInManager.sharedInstance().isLoggedIn { AWSAuthUIViewController .presentViewController(with: self.navigationController!, configuration: nil, completionHandler: { (provider: AWSSignInProvider, error: Error?) in if error != nil { print("Error occurred: \(String(describing: error))") } else { // Sign in successful. } }) } } }

Choose the run icon () in the top left of the Xcode window or type -R to build and run your app. You should see our pre-built sign-in UI for your app. Checkout the next steps to learn how to customize your UI.

API References

  • AWSMobileClient

    A library that initializes the SDK, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper Library for Amazon Cognito UserPools that provides a managed Email/Password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito Federated Identities, caches the federated AWS credentials, and handles the sign-in flow.

Set Up Google Login in Your Mobile App

Android - JavaAndroid - KotliniOS - Swift
Android - Java

Use Android API level 23 or higher

The AWS Mobile SDK library for Android sign-in (aws-android-sdk-auth-ui) provides the activity and view for presenting a SignInUI for the sign-in providers you configure. This library depends on the Android SDK API Level 23 or higher.

  1. Add or update your AWS backend configuration file to incorporate your new sign-in. For details, see the last steps in the Get Started: Set Up Your Backend section.

  2. Add the following permissions to your AndroidManifest.xml file:

    <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  3. Add the following dependencies to your app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK implementation ('com.amazonaws:aws-android-sdk-mobile-client:2.7.+@aar') { transitive = true } // Google SignIn implementation 'com.android.support:support-v4:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-google:2.7.+@aar') { transitive = true } // Sign in UI Library implementation 'com.android.support:appcompat-v7:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-ui:2.7.+@aar') { transitive = true } }
  4. Create an activity that will present your sign-in screen.

    In Android Studio, choose File > New > Activity > Basic Activity and type an activity name, such as AuthenticatorActivity. If you want to make this your starting activity, move the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  5. Update the onCreate function of your AuthenticatorActivity to call AWSMobileClient. This component provides the functionality to resume a signed-in authentication session. It makes a network call to retrieve the AWS credentials that allow users to access your AWS resources and registers a callback for when that transaction is complete.

    If the user is already signed in, the app switches to the NextActivity. If the user is not signed in, the user is presented with the AWS Mobile configurable sign-in UI. After the user is authenticated, the app continues to the NextActivity.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; public class AuthenticatorActivity extends Activity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_authenticator); // Add a call to initialize AWSMobileClient AWSMobileClient.getInstance().initialize(this, new AWSStartupHandler() { @Override public void onComplete(AWSStartupResult awsStartupResult) { SignInUI signin = (SignInUI) AWSMobileClient.getInstance().getClient(AuthenticatorActivity.this, SignInUI.class); signin.login(AuthenticatorActivity.this, MainActivity.class).execute(); } }).execute(); } }

Choose the run icon () in Android Studio to build your app and run it on your device/emulator. You should see our ready made sign-in UI for your app. Check out the next steps to learn how to customize your UI.

Note: If you get an exception which mentions Developer Error, it is likely due to missing SHA1 value from the Google configuration console. Create an Android client app from the Google console and add your machine's SHA1 keys there. Reference Link

API References

  • AWSMobileClient

    A library that initializes the SDK, constructs CredentialsProvider and AWSConfiguration objects, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper library for Amazon Cognito user pools that provides a managed email/password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito federated identities, caches the federated AWS credentials, and handles the sign-in flow.

Android - Kotlin

Use Android API level 23 or higher

The AWS Mobile SDK library for Android sign-in (aws-android-sdk-auth-ui) provides the activity and view for presenting a SignInUI for the sign-in providers you configure. This library depends on the Android SDK API Level 23 or higher.

  1. Add or update your AWS backend configuration file to incorporate your new sign-in. For details, see the last steps in the Get Started: Set Up Your Backend section.

  2. Add the following permissions to your AndroidManifest.xml file:

    <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  3. Add the following dependencies to your app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK implementation ('com.amazonaws:aws-android-sdk-mobile-client:2.7.+@aar') { transitive = true } // Google SignIn implementation 'com.android.support:support-v4:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-google:2.7.+@aar') { transitive = true } // Sign in UI Library implementation 'com.android.support:appcompat-v7:24.+' implementation ('com.amazonaws:aws-android-sdk-auth-ui:2.7.+@aar') { transitive = true } }
  4. Create an activity that will present your sign-in screen.

    In Android Studio, choose File > New > Activity > Basic Activity and type an activity name, such as AuthenticatorActivity. If you want to make this your starting activity, move the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  5. Update the onCreate function of your AuthenticatorActivity to call AWSMobileClient. This component provides the functionality to resume a signed-in authentication session. It makes a network call to retrieve the AWS credentials that allow users to access your AWS resources and registers a callback for when that transaction is complete.

    If the user is already signed in, the app switches to the NextActivity. If the user is not signed in, the user is presented with the AWS Mobile configurable sign-in UI. After the user is authenticated, the app continues to the NextActivity.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; class AuthenticatorActivity : Activity() { override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) AWSMobileClient.getInstance().initialize(this) { val signInUI = AWSMobileClient.getInstance().getClient( this@AuthenticatorActivity, SignInUI::class.java) as SignInUI? signInUI?.login( this@AuthenticatorActivity, MainActivity::class.java)?.execute() }.execute() }

Choose the run icon () in Android Studio to build your app and run it on your device/emulator. You should see our ready made sign-in UI for your app. Check out the next steps to learn how to customize your UI.

Note: If you get an exception which mentions Developer Error, it is likely due to missing SHA1 value from the Google configuration console. Create an Android client app from the Google console and add your machine's SHA1 keys there. Reference Link

API References

  • AWSMobileClient

    A library that initializes the SDK, constructs CredentialsProvider and AWSConfiguration objects, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper library for Amazon Cognito user pools that provides a managed email/password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito federated identities, caches the federated AWS credentials, and handles the sign-in flow.

iOS - Swift
  1. Add or update your AWS backend configuration file to incorporate your new sign-in. For details, see the last steps in the Get Started: Set Up Your Backend section.

  2. Add the following dependencies in the Podfile.

    platform :ios, '9.0' target :'YOUR-APP-NAME' do use_frameworks! pod 'AWSMobileClient', '~> 2.6.13' pod 'AWSGoogleSignIn', '~> 2.6.13' pod 'AWSUserPoolsSignIn', '~> 2.6.13' pod 'AWSAuthUI', '~> 2.6.13' pod 'GoogleSignIn', '~> 4.0' # other pods end

    Run pod install --repo-update before you continue.

    If you encounter an error message that begins "[!] Failed to connect to GitHub to update the CocoaPods/Specs . . .", and your internet connectivity is working, you may need to update openssl and Ruby.

  3. Add Google metadata to Info.plist.

    To configure your Xcode project to use Google Login, open its Info.plist file using Right-click > Open As > Source Code. Add the following entry. Substitute your project name for the placeholder string.

    <plist version="1.0"> <!-- YOUR OTHER PLIST ENTRIES HERE --> <!-- ADD AN ENTRY TO CFBundleURLTypes for Google --> <!-- IF YOU DO NOT HAVE CFBundleURLTypes, YOU CAN COPY THE WHOLE BLOCK BELOW --> <key>CFBundleURLTypes</key> <array> <dict> <key>CFBundleURLSchemes</key> <array> <string>com.googleusercontent.apps.xxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</string> </array> </dict> </array> <!-- ... -->
  4. Create a AWSMobileClient and initialize the SDK.

    Add code to create an instance of AWSMobileClient in the application:open url function of your AppDelegate.swift, to resume a previously signed-in authenticated session.

    Then add another instance of AWSMobileClient in the didFinishLaunching function to register the sign in providers, and to fetch an Amazon Cognito credentials that AWS will use to authorize access once the user signs in.

    import UIKit import AWSMobileClient @UIApplicationMain class AppDelegate: UIResponder, UIApplicationDelegate { // Add an AWSMobileClient call in application:open url func application(_ application: UIApplication, open url: URL, sourceApplication: String?, annotation: Any) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, open: url, sourceApplication: sourceApplication, annotation: annotation) } // Add an AWSMobileClient call in application:didFinishLaunching func application( _ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, didFinishLaunchingWithOptions: launchOptions) } // Other functions in AppDelegate . . . }
  5. Make sure you have a UINavigationController in your app to use the sign-in UI. The sign-in UI uses the UINavigationController as an anchor to perform all the transitions.

Learn more about using UINavigationController.

  1. Implement your sign-in UI by calling the library provided by the SDK.

    import UIKit import AWSAuthCore import AWSAuthUI class SampleViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() // Call the showSignIn method from your `viewDidLoad` method // The showSignIn() method will check if the user is logged in, // and if the user is not logged in, it will present a sign-in UI using the navigation controller the view is part of. showSignIn() } func showSignIn() { if !AWSSignInManager.sharedInstance().isLoggedIn { AWSAuthUIViewController .presentViewController(with: self.navigationController!, configuration: nil, completionHandler: { (provider: AWSSignInProvider, error: Error?) in if error != nil { print("Error occurred: \(String(describing: error))") } else { // Sign in successful. } }) } } }

Choose the run icon () in the top left of the Xcode window or type -R to build and run your app. You should see our pre-built sign-in UI for your app. Checkout the next steps to learn how to customize your UI.

API References

  • AWSMobileClient

    A library that initializes the SDK, fetches the AWS credentials, and creates a SDK SignInUI client instance.

  • Auth UserPools

    A wrapper Library for Amazon Cognito UserPools that provides a managed Email/Password sign-in UI.

  • Auth Core

    A library that caches and federates a login provider authentication token using Amazon Cognito Federated Identities, caches the federated AWS credentials, and handles the sign-in flow.

Enable Sign-out

Android - JavaAndroid - KotliniOS - Swift
Android - Java

To enable a user to sign-out of your app, register a callback for sign-in events by adding a SignInStateChangeListener to IdentityManager. The listener captures both onUserSignedIn and onUserSignedOut events.

IdentityManager.getDefaultIdentityManager().addSignInStateChangeListener(new SignInStateChangeListener() { @Override // Sign-in listener public void onUserSignedIn() { Log.d(TAG, "User Signed In"); } // Sign-out listener @Override public void onUserSignedOut() { Log.d(TAG, "User signed out"); } });

To initiate a sign-out, call the signOut method of IdentityManager.

IdentityManager.getDefaultIdentityManager().signOut();
Android - Kotlin

To enable a user to sign-out of your app, register a callback for sign-in events by adding a SignInStateChangeListener to IdentityManager. The listener captures both onUserSignedIn and onUserSignedOut events.

IdentityManager.getDefaultIdentityManager().addSignInStateChangeListener( object : SignInStateChangeListener { override fun onUserSignedIn() { Log.d(TAG, "User signed in") } override fun onUserSignedOut() { Log.d(TAG, "User signed out") } } )

To initiate a sign-out, call the signOut method of IdentityManager.

IdentityManager.getDefaultIdentityManager().signOut()
iOS - Swift

To initiate a sign-out, add a call to AWSSignInManager.sharedInstance().logout.

// This call should be invoked on a UI activity like a button press triggered by the end user. E.g. `onSignOutButtonClicked` action of sign out button in your app. AWSSignInManager.sharedInstance().logout(completionHandler: {(result: Any?, error: Error?) in // Note: The showSignIn() method used below was added by us previously while integrating the sign-in UI. self.showSignIn() })

For a fuller example, see Sign-out a Signed-in User in the How To section.

Next Steps