Menu
AWS Mobile
Developer Guide

Add User Sign-in to Your Mobile App with Amazon Cognito

Enable your users to sign-in using credentials from Facebook, Google, or your own custom user directory. The AWS Mobile Hub User Sign-in feature is powered by Amazon Cognito, and the SDK provides a pre-built, configurable Sign-in UI based on the identity provider(s) you configure.

Set Up Your Backend

Prerequisite Complete the Get Started steps before your proceed.

Email & PasswordFacebookGoogle
Email & Password
  1. Enable User Sign-in: Open your project in Mobile Hub and choose the feature's tile.

  2. Configure Email and Password sign-in: Choose the feature and then select sign-in policies including: allowed login methods; multi-factor authentication; and password requirements and then choose Create user pool.

  3. When you are done configuring providers, choose Click here to return to project details page in the blue banner.

  4. On the project detail page, for each app that will use the updates to your backend configuration, choose the flashing Integrate button, and then complete the steps that guide you to connect your backend. If any apps in the project have not completed those steps the reminder banner and flashing button for those apps will remain in place.

  5. Follow the next steps to connect to your backend from your app.

Facebook
  1. Enable User Sign-in: Open your project in Mobile Hub and choose the feature's tile.

  2. Configure Facebook sign-in: Choose the feature and then type your Facebook App ID and then choose Enable Facebook login. To retrieve or create your Facebook App ID, see Setting Up Facebook Authentication..

  3. When you are done configuring providers, choose Click here to return to project details page in the blue banner.

  4. On the project detail page, for each app that will use the updates to your backend configuration, choose the flashing Integrate button, and then complete the steps that guide you to connect your backend. If any apps in the project have not completed those steps the reminder banner and flashing button for those apps will remain in place.

  5. Follow the next steps to connect to your backend from your app..

Google
  1. Enable User Sign-in: Open your project in Mobile Hub and choose the feature's tile.

  2. Configure Google sign-in: Choose the feature and then type in your Google Web App Client ID, and the Google Android or iOS Client ID (or both), and then choose Enable Google Sign-In. To retrieve or create your Google Client IDs, see Setting Up Google Authentication.

  3. When you are done configuring providers, choose Click here to return to project details page in the blue banner.

  4. On the project detail page, for each app that will use the updates to your backend configuration, choose the flashing Integrate button, and then complete the steps that guide you to connect your backend. If any apps in the project have not completed those steps the reminder banner and flashing button for those apps will remain in place.

  5. Follow the next steps to connect to your backend from your app..

Setup Email & Password Login in your Mobile App

Choose your platform:

Android-JavaiOS - Swift
Android-Java
  1. Add these permisions to the AndroidManifest.xml file:

    <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  2. Add these dependencies to the app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK compile ('com.amazonaws:aws-android-sdk-mobile-client:2.6.+@aar') { transitive = true; } // Cognito UserPools for SignIn compile 'com.android.support:support-v4:24.+' compile ('com.amazonaws:aws-android-sdk-auth-userpools:2.6.+@aar') { transitive = true; } // Sign in UI Library compile 'com.android.support:appcompat-v7:24.+' compile ('com.amazonaws:aws-android-sdk-auth-ui:2.6.+@aar') { transitive = true; } }
  3. Create an activity that will present your sign-in screen, called AuthenticatorActivity in the following fragments. If you want to make this your starting activity, move the the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  4. Update your AuthenticatorActivity to call AWSMobileClient. AWSMobileClient provides the functionality to resume a signed-in authentication session and register the callback for a sign-in operation. If the user is signed in, the app goes to the NextActivity, otherwise it presents the user with the AWS Mobile ready made, configurable sign-in UI.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; public class AuthenticatorActivity extends Activity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_authenticator); AWSMobileClient.getInstance().initialize(this, new AWSStartupHandler() { @Override public void onComplete(AWSStartupResult awsStartupResult) { SignInUI signin = (SignInUI) AWSMobileClient.getInstance().getClient(AuthenticatorActivity.this, SignInUI.class); signin.login(AuthenticatorActivity.this, NextActivity.class).execute(); } }).execute(); } }

Choose the Run icon in Android Studio to build your app and run it on your device/emulator. You should see our ready made sign-in UI for your app. Checkout the next steps to learn how to customize your UI.

iOS - Swift
  1. Add the following dependencies in your project's Podfile and then run pod install --repo-update.

    platform :ios, '9.0' target :'YourAppTarget' do use_frameworks! pod 'AWSUserPoolsSignIn', '~> 2.6.6' pod 'AWSAuthUI', '~> 2.6.6' pod 'AWSMobileClient', '~> 2.6.6' # other pods end
  2. Create a AWSMobileClient and initialize the SDK.

    Add the following imports and a function that creates an instance of AWSMobileClient into the AppDelegate class of AppDelegate.swift.

    import UIKit import AWSMobileClient @UIApplicationMain class AppDelegate: UIResponder, UIApplicationDelegate { func application(_ application: UIApplication, open url: URL, sourceApplication: String?, annotation: Any) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, open: url, sourceApplication: sourceApplication, annotation: annotation) }

    In didFinishLaunching call the AWSMobileClient to register the sign in providers and fetch the Amazon Cognito user identity.

    func application( _ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, didFinishLaunchingWithOptions: launchOptions) } }
  3. Implement your sign-in UI by calling the library provided in the SDK.

    import UIKit import AWSAuthCore import AWSAuthUI class SampleViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() if !AWSSignInManager.sharedInstance().isLoggedIn { AWSAuthUIViewController .presentViewController(with: self.navigationController!, configuration: nil, completionHandler: { (provider: AWSSignInProvider, error: Error?) in if error != nil { print("Error occurred: \(String(describing: error))") } else { // Sign in successful. } }) } } }

Choose the Run icon in the top left of the Xcode window or type Command-R to build and run your app. You should see our pre-built sign-in UI for your app. Checkout the next steps to learn how to customize your UI.

Setup Facebook Login in your Mobile App

Android-JavaiOS - Swift
Android-Java
  1. Add the following permissions and Activity to your AndroidManifest.xml file:

    <!-- ... --> <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/> <!-- ... --> <activity android:name="com.facebook.FacebookActivity" android:exported="true"> <intent-filter> <action android:name="android.intent.action.VIEW" /> <category android:name="android.intent.category.DEFAULT" /> <category android:name="android.intent.category.BROWSABLE" /> <data android:scheme="@string/fb_login_protocol_scheme" /> </intent-filter> </activity> <!-- ... --> <meta-data android:name="com.facebook.sdk.ApplicationId" android:value="@string/facebook_app_id" /> <!-- ... -->
  2. Add these dependencies to your app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK compile ('com.amazonaws:aws-android-sdk-mobile-client:2.6.+@aar') { transitive = true; } // Facebook SignIn compile 'com.android.support:support-v4:24.+' compile ('com.amazonaws:aws-android-sdk-auth-facebook:2.6.+@aar') { transitive = true; } // Sign in UI compile 'com.android.support:appcompat-v7:24.+' compile ('com.amazonaws:aws-android-sdk-auth-ui:2.6.+@aar') { transitive = true; } }
  3. In strings.xml, add string definitions for your Facebook App ID and login protocol scheme.The value should contain your Facebook AppID in both cases, the login protcol value is always prefaced with fb.

    <string name="facebook_app_id">1231231231232123123</string> <string name="fb_login_protocol_scheme">fb1231231231232123123</string>
  4. Create an activity that will present your sign-in screen, called AuthenticatorActivity in the following fragments. If you want to make this your starting activity, move the the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  5. Update your AuthenticatorActivity to call AWSMobileClient. AWSMobileClient provides the functionality to resume a signed-in authentication session and register the callback for a sign-in operation. If the user is signed in, the app goes to the NextActivity, otherwise it presents the user with the AWS Mobile ready made, configurable sign-in UI.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; public class AuthenticatorActivity extends Activity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_authenticator); AWSMobileClient.getInstance().initialize(this, new AWSStartupHandler() { @Override public void onComplete(AWSStartupResult awsStartupResult) { SignInUI signin = (SignInUI) AWSMobileClient.getInstance().getClient(AuthenticatorActivity.this, SignInUI.class); signin.login(AuthenticatorActivity.this, NextActivity.class).execute(); } }).execute(); } }

Choose the Run icon in Android Studio to build your app and run it on your device/emulator. You should see our ready made sign-in UI for your app. Checkout the next steps to learn how to customize your UI.

iOS - Swift
  1. Add the following dependencies in your project's Podfile and run pod install --repo-update.

    platform :ios, '9.0' target :'YourAppTarget' do use_frameworks! pod 'AWSMobileClient', '~> 2.6.6' pod 'AWSFacebookSignIn', '~> 2.6.6' pod 'AWSAuthUI', '~> 2.6.6' # other pods end
  2. Add Facebook meta data to Info.plist.

    To configure your Xcode project to use Facebook Login, right-choose Info.plist and then choose Open As > Source Code.

    Add the following entry, using your project name, Facebook ID and login scheme ID.

    <plist version="1.0"> <!-- ... --> <dict> <key>FacebookAppID</key> <string>0123456789012345</string> <key>FacebookDisplayName</key> <string>YOUR-PROJECT-NAME</string> <key>LSApplicationQueriesSchemes</key> <array> <string>fbapi</string> <string>fb-messenger-api</string> <string>fbauth2</string> <string>fbshareextension</string> </array> <key>CFBundleURLTypes</key> <array> <dict> <key>CFBundleURLSchemes</key> <array> <string>fb0123456789012345</string> </array> </dict> </array> </dict> <!-- ... -->
  3. Create a AWSMobileClient and initialize the SDK.

    In AppDelegate.swift create an instance of AWSMobileClient in the withApplication function. In didFinishLaunching call the AWSMobileClient to register the sign in providers and fetch the Amazon Cognito Identity.

    import UIKit import AWSMobileClient @UIApplicationMain class AppDelegate: UIResponder, UIApplicationDelegate { func application(_ application: UIApplication, open url: URL, sourceApplication: String?, annotation: Any) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, open: url, sourceApplication: sourceApplication, annotation: annotation) } func application( _ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, didFinishLaunchingWithOptions: launchOptions) } }
  4. Implement your sign-in UI by calling the library provided by the SDK.

    import UIKit import AWSAuthCore import AWSAuthUI class SampleViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() if !AWSSignInManager.sharedInstance().isLoggedIn { AWSAuthUIViewController .presentViewController(with: self.navigationController!, configuration: nil, completionHandler: { (provider: AWSSignInProvider, error: Error?) in if error != nil { print("Error occurred: \(String(describing: error))") } else { // sign in successful. } }) } } }

Choose the Run icon in the top left of the Xcode window or type Command-R to build and run your app. You should see our pre-built sign-in UI for your app. Checkout the next steps to learn how to customize your UI.

Setup Google Login in your Mobile App

Android-JavaiOS - Swift
Android-Java
  1. Add these permissions to your AndroidManifest.xml file:

    <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  2. Add these dependencies to your app/build.gradle file:

    dependencies { // Mobile Client for initializing the SDK compile ('com.amazonaws:aws-android-sdk-mobile-client:2.6.+@aar') { transitive = true; } // Google SignIn compile 'com.android.support:support-v4:24.+' compile ('com.amazonaws:aws-android-sdk-auth-google:2.6.+@aar') { transitive = true; } // Sign in UI Library compile 'com.android.support:appcompat-v7:24.+' compile ('com.amazonaws:aws-android-sdk-auth-ui:2.6.+@aar') { transitive = true; } }
  3. Create an activity that will present your sign-in screen, called AuthenticatorActivity in the following fragments. If you want to make this your starting activity, move the the intent filter block containing .LAUNCHER to the AuthenticatorActivity in your app's AndroidManifest.xml.

    <activity android:name=".AuthenticatorActivity"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity>
  4. Update your AuthenticatorActivity to call AWSMobileClient. AWSMobileClient provides the functionality to resume a signed-in authentication session and register the callback for a sign-in operation. If the user is signed in, the app goes to the NextActivity, otherwise it presents the user with the AWS Mobile ready made, configurable sign-in UI.

    import android.app.Activity; import android.os.Bundle; import com.amazonaws.mobile.auth.ui.SignInUI; import com.amazonaws.mobile.client.AWSMobileClient; import com.amazonaws.mobile.client.AWSStartupHandler; import com.amazonaws.mobile.client.AWSStartupResult; public class AuthenticatorActivity extends Activity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_authenticator); AWSMobileClient.getInstance().initialize(this, new AWSStartupHandler() { @Override public void onComplete(AWSStartupResult awsStartupResult) { SignInUI signin = (SignInUI) AWSMobileClient.getInstance().getClient(AuthenticatorActivity.this, SignInUI.class); signin.login(AuthenticatorActivity.this, MainActivity.class).execute(); } }).execute(); } }

Choose the Run icon in Android Studio to build your app and run it on your device/emulator. You should see our ready made sign-in UI for your app. Checkout the next steps to learn how to customize your UI.

iOS - Swift
  1. Add the following dependencies in the Podfile and run pod install --repo-update

    platform :ios, '9.0' target :'YourAppTarget' do use_frameworks! pod 'AWSMobileClient', '~> 2.6.6' pod 'AWSGoogleSignIn', '~> 2.6.6' pod 'AWSAuthUI', '~> 2.6.6' pod 'GoogleSignIn', '~> 4.0' # other pods end
  2. Add Google metadata to info.plist

    To configure your Xcode project to use Google Login, open its Info.plist file using Right-click > Open As > Source Code. Add the following entry. Substitute your project name for the placeholder string.

    <plist version="1.0"> <!-- ... --> <key>CFBundleURLTypes</key> <array> <dict> <key>CFBundleURLSchemes</key> <array> <string>com.googleusercontent.apps.xxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</string> </array> </dict> </array> <!-- ... -->
  3. Create a AWSMobileClient and initialize the SDK.

    In AppDelegate.swift create an instance of AWSMobileClient in the withApplication function. In didFinishLaunching call the AWSMobileClient to register the sign in providers and fetch the Cognito Identity.

    import UIKit import AWSMobileClient @UIApplicationMain class AppDelegate: UIResponder, UIApplicationDelegate { func application(_ application: UIApplication, open url: URL, sourceApplication: String?, annotation: Any) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, open: url, sourceApplication: sourceApplication, annotation: annotation) } func application( _ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool { return AWSMobileClient.sharedInstance().interceptApplication( application, didFinishLaunchingWithOptions: launchOptions) } }
  4. Implement your sign-in UI by calling the library provided by the SDK.

    import UIKit import AWSAuthCore import AWSAuthUI class SampleViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() if !AWSSignInManager.sharedInstance().isLoggedIn { AWSAuthUIViewController .presentViewController(with: self.navigationController!, configuration: nil, completionHandler: { (provider: AWSSignInProvider, error: Error?) in if error != nil { print("Error occurred: \(String(describing: error))") } else { // Sign in successful. } }) } } }

Choose the Run icon in the top left of the Xcode window or type Command-R to build and run your app. You should see our pre-built sign-in UI for your app. Checkout the next steps to learn how to customize your UI.

Next Steps