LoginSignup
2
1

More than 3 years have passed since last update.

@k_hoso

CognitoのAPIを直接叩く@IDプール編

Last updated at Posted at 2020-08-21

CognitoのAPIを直接叩く@IDプール編

GetId(IDトークン有り)

POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetId

{
    "IdentityPoolId": "ap-northeast-1:IdentityPoolId",
    "Logins" : {
        "cognito-idp.ap-northeast-1.amazonaws.com/ap-northeast-1_xxxxxxxxx": "idToken"
    }
}

GetId(IDトークン無し)

POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetId

{
    "IdentityPoolId": "ap-northeast-1:IdentityPoolId"
}

GetCredentialsForIdentity(IDトークン有り)

POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetCredentialsForIdentity

{
    "IdentityId":"ap-northeast-1:IdentityPoolId",
    "Logins" : {
        "cognito-idp.ap-northeast-1.amazonaws.com/ap-northeast-1_xxxxxxxxx": "idToken"
    }
}

GetCredentialsForIdentity(IDトークン無し)

POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetCredentialsForIdentity

{"IdentityId":"ap-northeast-1:IdentityPoolId"}

GetOpenIdToken(IDトークン無し)

※基本フローの許可設定が必要
※許可しないと→のエラーが出る。"Basic (classic) flow is not supported with RoleMappings, please use enhanced flow."

POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetOpenIdToken

{"IdentityId":"ap-northeast-1:IdentityPoolId"}

GetOpenIdToken(IDトークン有り)

※基本フローの許可設定が必要
※許可しないと→のエラーが出る。"Basic (classic) flow is not supported with RoleMappings, please use enhanced flow."

POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetOpenIdToken

{
    "IdentityId":"ap-northeast-1:IdentityPoolId",
    "Logins" : {
        "cognito-idp.ap-northeast-1.amazonaws.com/ap-northeast-1_xxxxxxxxx": "idToken"
    }
}

GetOpenIdTokenForDeveloperIdentity(独自認証)

※クレデンシャルが必要なので直で行きたい場合、ちゃんとヘッダ付与する必要ある

POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetOpenIdTokenForDeveloperIdentity

{
    "Logins" : {
        "provider": "identifier"
    }
}

関連

CognitoのAPIを直接叩く@ユーザプール編

2
1
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
2
1