Using AWS Cognito to authenticate users
In order to use Amazon Cognito you will need the following:
  • An AWS account
  • A Google developer account
We will walk through the steps to set everything up below.

Create the Amazon Cognito User Pool

  1. 2.
    Select "Manage user pools"
  2. 3.
    Click "Create new pool", provide a name
  3. 4.
    Click "Review defaults", then "Create pool"
  4. 5.
    Click "General settings →App clients" on left then "Add new app client".
  5. 6.
    Enter a name then hit "Create app client"
  6. 7.
    Click "show details" & make note of the client id and client secret
  7. 8.
    Go to "Domain name" on left then set a domain prefix of your choice. Make a note of the full domain (including your prefix and the "amazoncognito" suffix). Click "Save changes"
  8. 9.
    Go to "App integration → App client settings" on left
  9. 10.
    In "Enabled Identity Providers, click "Select all"
  10. 12.
    In "Allowed OAuth Flows" enable "Authorization code grant"
  11. 13.
    In "Allowed OAuth Scopes" enable openid, email, profile
  12. 14.
    Save changes

Add Google as Identity Provider

Your mobile app users can sign in through social identity providers like Facebook, Google, Amazon, and Apple. Let's see how to configure Google:
  1. 1.
    Create a developer account with Google. Note: Google Play charges a $25 one-time developer fee.
  2. 2.
    Sign in to Google Cloud Console and create a project: https://console.cloud.google.com/projectcreate
  3. 3.
    Go to the Dashboard, click "Select a project" and click on the name of your project
  4. 4.
    On the left menu, click "OAuth Consent Screen"
  5. 5.
    Select "External" and click "Create"
  6. 6.
    Set the App name and the User support email
  7. 7.
    In "Authorized domains", add amazoncognito.com, page.link and bravostudio.app
  8. 8.
    In "Developer contact information", set the email address and click "Save and continue"
  9. 9.
    You should be on the "Scopes" step. Click "ADD OR REMOVE SCOPES"
  10. 10.
    Check ".../auth/userinfo.email", ".../auth/userinfo.profile" and "openid", click "Update"
  11. 11.
    In "Test Users", click "ADD USERS"
  12. 12.
    Now you may add your Google email to test the login afterward
  13. 13.
    Click "Save and continue"
  14. 14.
    On the left menu, click "Credentials"
  15. 15.
    Click "Create credentials" and select "OAuth Client ID"
  16. 16.
    In "Application type" select "Web Application", set a name
  17. 17.
    In "Authorized JavaScript origins" add the full domain you created earlier in the Amazon Cognito step (with "https://")
  18. 18.
    In "Authorized redirect URIs" add the same domain, plus "/oauth2/idpresponse" as a suffix
  19. 20.
    Click "Create"
  20. 21.
    Note the Client ID and the Client Secret
  1. 1.
  2. 2.
    Click "Manage User Pools" and select the one you created before
  3. 3.
    On the left menu go to "Federation → Identity providers"
  4. 4.
    Select Google
  1. 1.
    In Google App Id, set the Client ID from the Google API & Services credentials
  2. 2.
    In App Secret, set the Client Secret from the Google API & Services credentials
  3. 3.
    In "Authorize scope" set "profile email openid"
  4. 4.
    Click "Enable Google"
  5. 5.
    Go to "App integration → App client settings"
  6. 6.
    In "Enabled Identity Providers" check "Google" and Save Changes

Configure OAuth in Bravo Studio

  1. 2.
    Open up your project, go to the "Integrations" tab and enable "OAuth 2.0"
  2. 3.
    Select Cognito from the provider list
  3. 4.
    Set the full domain, the Client ID, and the Client Secret from the Cognito User Pool settings
  4. 5.
    Save
Copy link
On this page
Create the Amazon Cognito User Pool
Add Google as Identity Provider
Configure OAuth in Bravo Studio