Accessing server-side resources after sign-in - Amazon Cognito

Accessing server-side resources after sign-in

After a successful authentication, your web or mobile app will receive user pool tokens from Amazon Cognito. You can use those tokens to control access to your server-side resources. You can also create user pool groups to manage permissions, and to represent different types of users. For more information on using groups to control access to your resources see Adding groups to a user pool.


        Accessing your backend resources through a user pool

Once you configure a domain for your user pool, Amazon Cognito provisions a hosted web UI that allows you to add sign-up and sign-in pages to your app. Using this OAuth 2.0 foundation you can create your own resource server so that your users can access protected resources. For more information see OAuth 2.0 scopes and API authorization with resource servers.

For more information about user pool authentication, see User pool authentication flow and Using tokens with user pools.