Certified Security - Specialty

Sign Up Free or Log In to participate!

Implementing OAuth 2.0 with Cognito for M2M

Can Cognito be used to implement OAuth 2.0 for service to service authentication and authorization?

1 Answers

Yes and no. OAuth 2.0 is really only used for the authentication piece, it is not designed for authorization. That’s where OpenID Connect comes in (which is supported by Cognito). You can add your users to groups in Cognito and those can then be passed through in the id_token when the user logs in. You can then use the group membership for authorization in your application.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?