CognitoのAPIを直接叩く@IDプール編
GetId(IDトークン有り)
POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetId
{
"IdentityPoolId": "ap-northeast-1:IdentityPoolId",
"Logins" : {
"cognito-idp.ap-northeast-1.amazonaws.com/ap-northeast-1_xxxxxxxxx": "idToken"
}
}
GetId(IDトークン無し)
POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetId
{
"IdentityPoolId": "ap-northeast-1:IdentityPoolId"
}
GetCredentialsForIdentity(IDトークン有り)
POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetCredentialsForIdentity
{
"IdentityId":"ap-northeast-1:IdentityPoolId",
"Logins" : {
"cognito-idp.ap-northeast-1.amazonaws.com/ap-northeast-1_xxxxxxxxx": "idToken"
}
}
GetCredentialsForIdentity(IDトークン無し)
POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetCredentialsForIdentity
{"IdentityId":"ap-northeast-1:IdentityPoolId"}
GetOpenIdToken(IDトークン無し)
※基本フローの許可設定が必要
※許可しないと→のエラーが出る。"Basic (classic) flow is not supported with RoleMappings, please use enhanced flow."
POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetOpenIdToken
{"IdentityId":"ap-northeast-1:IdentityPoolId"}
GetOpenIdToken(IDトークン有り)
※基本フローの許可設定が必要
※許可しないと→のエラーが出る。"Basic (classic) flow is not supported with RoleMappings, please use enhanced flow."
POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetOpenIdToken
{
"IdentityId":"ap-northeast-1:IdentityPoolId",
"Logins" : {
"cognito-idp.ap-northeast-1.amazonaws.com/ap-northeast-1_xxxxxxxxx": "idToken"
}
}
GetOpenIdTokenForDeveloperIdentity(独自認証)
※クレデンシャルが必要なので直で行きたい場合、ちゃんとヘッダ付与する必要ある
POST https://cognito-identity.ap-northeast-1.amazonaws.com/ HTTP/1.1
content-type: application/x-amz-json-1.1
x-amz-target: AWSCognitoIdentityService.GetOpenIdTokenForDeveloperIdentity
{
"Logins" : {
"provider": "identifier"
}
}