Accessing resources after a successful user pool authentication

Your app users can sign in either directly through a user pool, or federate through a third-party identity provider (IdP). The user pool manages the overhead of handling the tokens that are returned from social sign-in through Facebook, Google, Amazon, and Apple, and from OpenID Connect (OIDC) and SAML IdPs. For more information, see Using tokens with user pools.

After a successful authentication, your app will receive user pool tokens from Amazon Cognito. You can use those tokens to retrieve AWS credentials that allow your app to access other AWS services. You can also choose to use them to control access to your own server-side resources, or to the Amazon API Gateway.

For more information, see User pool authentication flow and Using tokens with user pools.

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Caching tokens

Accessing server-side resources