SlideShare a Scribd company logo

(MBL402) Mobile Identity Management & Data Sync Using Amazon Cognito

Amazon Web Services
Amazon Web Services

Developing mobile apps can be complex and time-consuming. Learn how to simplify mobile identity management and data synchronization across devices. In addition, learn how to follow security best practices to give your app access to the resources it needs to provide a great user experience without hard-coding security credentials. We will cover how to easily and securely onboard users as anonymous guests using public login providers like Amazon, Facebook, Twitter, or your own user identity system. We are very excited to have Twitter representatives join us on stage for a deep dive on authenticating users with Twitter and Digits, which enables users to sign in with their phone numbers.

Technology
1 of 43
Download to read offline
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Stephen Johnson, Solution Architect -- AWS Valentin Polouchkine, Developer Advocate -- Twitter October 2015 MBL402 Identity Management & Data Sync with Amazon Cognito
What to Expect from the Session Dive deep into Cognito Identity Learn about Cognito Sync features Twitter Fabric and Digits demonstration
Cognito Identity Authenticates Users - Third-party ID Providers - OpenID Connect Providers - Developer Providers Anonymous Identity Federation of Identities OpenID Connect Token Generation Amazon Cognito Overview Cognito Sync Store Customer Data in the Cloud Synchronize Data - Between Devices and Cloud - Across Devices Cognito Events - Trigger AWS Lambda Cognito Streams - Send to Amazon Kinesis
Amazon Cognito - Identity
Cognito Identity Developer Features Identify customers whenever they use my app No matter how they authenticate (across IDPs) Even if they don’t authenticate (upgrade when they do) Provide appropriate credentials for AWS access Any level of permission, for any service Distinguish authenticated and unauthenticated users
AWS Identity Before Cognito AWS Security Token Service (STS) 5. Receive AWS Credentials 3. Assume Role2. Retrieve Identity Mobile Client Identity Provider 1. Authenticate 4. Validate Amazon S3 Web Identity -or- SAML -or- OpenID Connect 6. Store Data
Cognito - Identity Storage Identity Pool No limit on # identities Up to 60 Pools / Account Usually associated with an app Trust Policy Access Policy Authenticated Role Trust Policy Access Policy Unauthenticated Role
Using the Cognito in the Mobile SDK CognitoCachingCredentialsProvider provider = new CognitoCachingCredentialsProvider ( getApplicationContext(), "us-east-1:64813b20-4f17-491a-9287", Regions.US_EAST_1 ); provider.getIdentityId(); AWSSessionCredentials c = provider.getCredentials();
Create an Identity Pool with Roles $ aws cognito-identity create-identity-pool --identity-pool-name mySamplePool --allow-unauthenticated-identities { "IdentityPoolId": "us-east-1:cb6ff5f8-f6aa", "AllowUnauthenticatedIdentities": true, "IdentityPoolName": "mySamplePool”} $ aws cognito-identity set-identity-pool-roles --identity-pool-id us-east-1:cb6ff5f8-f6aa --roles authenticated=arn:aws:iam:::role/Auth_Role, unauthenticated=arn:aws:iam:::role/Unauth_Role
Create an (Unauthenticated) Identity $ aws cognito-identity get-id --identity-pool-id us-east-1:cb6ff5f8-f6aa { "IdentityId": "us-east-1:73dbf099-cb1b-4a32-90f0-6c224" }
Get the OpenID Connect Token $ aws cognito-identity get-open-id-token --identity-id us-east-1:73dbf099-cb1b-4a32 { "Token": "eyJraWQiOiJ1cy1lYXN0LTExIiwidHlwIjoiSldTIiwiYWxnIjo iUlM1MTIifQ.eyJzdWIiOiJ1cy1lYXN0LTE6NzNkYmYwOTktY2Ix XUSUi27oUABCPA6Vx14WUTUCc7WfMqidQu5GIvZIiCvvTXG9EXY6 zsf1C5BhV9EVvtww", "IdentityId": "us-east-1:73dbf099-cb1b-4a32 }
Cognito Token – JWT format (courtesy jwt.io)
Assume Unauthenticated Role $ aws sts assume-role-with-web-identity --role-arn arn:aws:iam::role/Cognito_Unauth_Role --role-session-name steve --web-identity-token eyJraWQiOiJ1cy1lYXN0LTExIiwi dHlwIjoiSldTIiwiYWxnIjoiUlM1MTIifQ.eyJzdWIiOiJ1cy1lY XN0LTE6NzNkYmYwOTktY2IxYi00YTMyLTkwZjAtNmMyMjQ4NTg4O GFmIiwiYXVkIjoidXMtZWFzdC0xOjY0ODEzYjIwLTRmMTctNDkxY S05Mjg3LTJiMzc2YjgyNThjO
Assumed Role Credentials (output) "Credentials": { "AccessKeyId": "ASIAJBGJ6DTQE5Q3N67Q”, "SecretAccessKey”:"aAa5v7/e+rk8Cr5VB+P4sL3DyaQJZ", "SessionToken": "AQoDYXdzEFAagAS8+GnLyCwthcqB /GftrGcCcY4cMi8sPOHXk1gNUkWvJIqkUcY4cMi8sPOHXk1gNUkW vJIqkv9uy9H07T4cY4cMi8sPOHXk1gNUkWvJIqk4PF/e==", "Expiration": "2015-09-17T00:15:53Z” }
Unauthenticated Flow STS 5. Receive AWS Credentials 3. Assume Role2. OpenID Token Mobile Client Cognito “IDP” 1. Get New Identity 4. Validate Amazon S3 6. Store Data
Revisit API for Authenticated Identities $ aws cognito-identity get-id --identity-pool-id <required> --logins <to fetch authenticated id> $ aws cognito-identity get-open-id-token --identity-id <required> --logins <to fetch token for auth’d id>
Getting a Token : linking a login (promotion) get-open-id-token( Id = 2 , ) Id = 2 , Id = 2 Cognito promotes to “authenticated” , Returns same identity-id
Getting a Token : lookup, return id get-open-id-token( Id = 3 Id = 3 , ) Id = 3 , Cognito returns The same identity-id
Id = 2 Getting a Token : merging identities get-open-id-token( Id = 3 , ) Id = 3 , Cognito merges the Identities, returns an existing identity-id Id = 2
Getting a Token : Not Authorized get-open-id-token( ID = 3 ,ID = 3 ) ) Cognito requires a valid linked login before giving a token for an authorized ID
Authenticated Flow STS 5. Receive AWS Credentials 3. Assume Role2. OpenID Token Mobile Client Cognito “IDP” 1. Get or Create Identity 4. Validate Amazon S3 6. Store Data
Authenticated OpenID Token
OpenID Information in IAM Policy (Trust) "Condition": { "StringEquals": { "cognito-identity.amazonaws.com:aud”:"us-east-1:identity-pool-id” }, "ForAnyValue:StringLike": { "cognito-identity.amazonaws.com:amr": ”authenticated” < or specify by provider… > "cognito-identity.amazonaws.com:amr": ”api.twitter.com” } }
Restricting S3 Buckets by User { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": ["s3:ListBucket"], "Resource": ["arn:aws:s3:::EXAMPLE-BUCKET-NAME"], "Condition": { "StringLike": { "s3:prefix": ["cognito/myapp/"] } } }, { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject" ], "Resource": [ "arn:aws:s3:::EXAMPLE-BUCKET-NAME/cognito/myapp/ ${cognito-identity.amazonaws.com:sub}", "arn:aws:s3:::EXAMPLE-BUCKET-NAME/cognito/myapp/ ${cognito-identity.amazonaws.com:sub}/*" ] } ] }
Using Developer Identities What if you already have a directory with names and passwords? You can federate your own identities using Cognito One server side API call: getOpenIdTokenForDeveloperIdentity
Developer Authenticated Flow STS 6. Receive AWS Credentials 4. Assume Role Mobile Client 1. Authenticate 5. Validate Amazon S3 7. Store Data 3. OpenID Token Cognito “IDP” Developer Login 2. Request Token
Developer Auth Demo
Developer Auth Demo STS 6. Receive AWS Credentials 4. Assume Role Mobile Client 1. Authenticate 5. Validate Amazon S3 7. Store Data 3. OpenID Token Cognito API API Gateway AWS Lambda 2. Get Token
Pro Tips for Cognito Identity Always cache Unauthenticated Identity IDs Trap security errors so you know when to reauthenticate Be sure to customize the default Access Policies for Authenticated and Unauthenticated Identities If you use Developer Identities, lock down the login workflow.
Amazon Cognito Sync
Cognito Sync Data Structure Identity Pool 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB Each identity’s store contains up to 20 Datasets A Dataset contains Key/Value Records
Protips for Cognito Sync Use SyncOnConnect, or explicit Sync calls depending on use case Sync happens at the Dataset level. Use different datasets for different Sync patterns If you require immediate updates, use Cognito Push Sync Implement SyncCallback if you want to know what’s going on, or give your Customers a better experience
Cognito Sync Events Mobile Client 1. Sync Identity Pool Sync Data AWS Lambda Amazon DynamoDB Amazon Redshift 2. SyncTrigger Event 3. R/W 4. Write 5. Update
Pro Tips for Cognito Events Handles Incoming Sync Data --whatever makes it in the store will be shared with all clients on sync You have control over what is stored: Add, Modify, or Delete Records Modify Record Values (create ‘Read Only’ Values) Use DynamoDB, S3, or Amazon RDS to support complex use cases Validate values to detect exploits or cheating
Cognito Streams Mobile Client 1. Sync Identity Pool Sync Data 3. Update Amazon Kinesis Amazon Redshift Amazon S3 2. Stream
Twitter Digits Integration
What’s in the box? Crashlytics Kit Stability Twitter Kit Social MoPub Kit Revenue Digits Kit Identity
Basic flow Phone Number SMS (Confirmation Code) Stable ID, oAuth Token Confirmation Code
Digits iOS, Android, JS 216 countries, 28 languages Digits.com: 2FA, phone number change Voice verification as fallback
Thank you!
Remember to complete your evaluations!
Related Sessions SEC307 - A Progressive Journey Through AWS IAM Federation Options SEC305 - Become an AWS IAM Policy Ninja in 60 Minutes or Less MBL309 - Analyze Mobile App Data and Build Predictive Applications

Recommended

Api presentation
Api presentationApi presentation
Api presentationTiago Cardoso
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web ServicesHalil Burak Cetinkaya
 
An Introduction To REST API
An Introduction To REST APIAn Introduction To REST API
An Introduction To REST APIAniruddh Bhilvare
 
Layer 7 SecureSpan Solution
Layer 7 SecureSpan SolutionLayer 7 SecureSpan Solution
Layer 7 SecureSpan SolutionCA API Management
 
{Re}designing a Developer Portal
{Re}designing a Developer Portal{Re}designing a Developer Portal
{Re}designing a Developer PortalPronovix
 
Introduction to GraphQL
Introduction to GraphQLIntroduction to GraphQL
Introduction to GraphQLAmazon Web Services
 
API Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesAPI Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesSlideTeam
 
Api types
Api typesApi types
Api typesSarah Maddox
 

Recommended

Api presentation
Api presentationApi presentation
Api presentationTiago Cardoso
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web ServicesHalil Burak Cetinkaya
 
An Introduction To REST API
An Introduction To REST APIAn Introduction To REST API
An Introduction To REST APIAniruddh Bhilvare
 
Layer 7 SecureSpan Solution
Layer 7 SecureSpan SolutionLayer 7 SecureSpan Solution
Layer 7 SecureSpan SolutionCA API Management
 
{Re}designing a Developer Portal
{Re}designing a Developer Portal{Re}designing a Developer Portal
{Re}designing a Developer PortalPronovix
 
Introduction to GraphQL
Introduction to GraphQLIntroduction to GraphQL
Introduction to GraphQLAmazon Web Services
 
API Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesAPI Management Solution Powerpoint Presentation Slides
API Management Solution Powerpoint Presentation SlidesSlideTeam
 
Api types
Api typesApi types
Api typesSarah Maddox
 
Microsoft power platform
Microsoft power platformMicrosoft power platform
Microsoft power platformMichael Stephenson
 
What is an API?
What is an API?What is an API?
What is an API?Muhammad Zuhdi
 
Azure Pipelines Multistage YAML - Top 10 Features
Azure Pipelines Multistage YAML - Top 10 FeaturesAzure Pipelines Multistage YAML - Top 10 Features
Azure Pipelines Multistage YAML - Top 10 FeaturesMarc Müller
 
API-first design - Basis for an consistent API-Management approach
API-first design - Basis for an consistent API-Management approachAPI-first design - Basis for an consistent API-Management approach
API-first design - Basis for an consistent API-Management approachSven Bernhardt
 
Swift Programming Language
Swift Programming LanguageSwift Programming Language
Swift Programming LanguageCihad Horuzoğlu
 
Introduction to GCP presentation
Introduction to GCP presentationIntroduction to GCP presentation
Introduction to GCP presentationMohit Kachhwani
 
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>Naoto Miyachi
 
Microsoft power platform
Microsoft power platformMicrosoft power platform
Microsoft power platformJenkins NS
 
Flutter presentation.pptx
Flutter presentation.pptxFlutter presentation.pptx
Flutter presentation.pptxFalgunSorathiya
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect Nat Sakimura
 
Event Driven-Architecture from a Scalability perspective
Event Driven-Architecture from a Scalability perspectiveEvent Driven-Architecture from a Scalability perspective
Event Driven-Architecture from a Scalability perspectiveJonas Bonér
 
API Management in Azure
API Management in AzureAPI Management in Azure
API Management in AzureTomasso Groenendijk
 
Building GraphQL APIs in C#
Building GraphQL APIs in C#Building GraphQL APIs in C#
Building GraphQL APIs in C#Kim Minnick, PHR
 
Api gateway
Api gatewayApi gateway
Api gatewayenyert
 
API Frenzy: API Strategy 101
API Frenzy: API Strategy 101API Frenzy: API Strategy 101
API Frenzy: API Strategy 101Akana
 
Business Values for IoT Solutions
Business Values for IoT SolutionsBusiness Values for IoT Solutions
Business Values for IoT SolutionsIBM Analytics
 
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Jun Kurihara
 
Hackathon winning pitch
Hackathon winning pitchHackathon winning pitch
Hackathon winning pitchAnand Inbasekaran, MBA, B.Tech, TOGAF
 
AngularJS: an introduction
AngularJS: an introductionAngularJS: an introduction
AngularJS: an introductionLuigi De Russis
 
Apigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee | Google Cloud
 
Getting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesGetting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesAmazon Web Services
 
Weaving Containers in Amazon's ECA
Weaving Containers in Amazon's ECAWeaving Containers in Amazon's ECA
Weaving Containers in Amazon's ECAAmazon Web Services
 

More Related Content

What's hot

Azure Pipelines Multistage YAML - Top 10 Features
Azure Pipelines Multistage YAML - Top 10 FeaturesAzure Pipelines Multistage YAML - Top 10 Features
Azure Pipelines Multistage YAML - Top 10 FeaturesMarc Müller
 
API-first design - Basis for an consistent API-Management approach
API-first design - Basis for an consistent API-Management approachAPI-first design - Basis for an consistent API-Management approach
API-first design - Basis for an consistent API-Management approachSven Bernhardt
 
Swift Programming Language
Swift Programming LanguageSwift Programming Language
Swift Programming LanguageCihad Horuzoğlu
 
Introduction to GCP presentation
Introduction to GCP presentationIntroduction to GCP presentation
Introduction to GCP presentationMohit Kachhwani
 
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>Naoto Miyachi
 
Microsoft power platform
Microsoft power platformMicrosoft power platform
Microsoft power platformJenkins NS
 
Flutter presentation.pptx
Flutter presentation.pptxFlutter presentation.pptx
Flutter presentation.pptxFalgunSorathiya
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect Nat Sakimura
 
Event Driven-Architecture from a Scalability perspective
Event Driven-Architecture from a Scalability perspectiveEvent Driven-Architecture from a Scalability perspective
Event Driven-Architecture from a Scalability perspectiveJonas Bonér
 
Building GraphQL APIs in C#
Building GraphQL APIs in C#Building GraphQL APIs in C#
Building GraphQL APIs in C#Kim Minnick, PHR
 
Api gateway
Api gatewayApi gateway
Api gatewayenyert
 
API Frenzy: API Strategy 101
API Frenzy: API Strategy 101API Frenzy: API Strategy 101
API Frenzy: API Strategy 101Akana
 
Business Values for IoT Solutions
Business Values for IoT SolutionsBusiness Values for IoT Solutions
Business Values for IoT SolutionsIBM Analytics
 
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Jun Kurihara
 
AngularJS: an introduction
AngularJS: an introductionAngularJS: an introduction
AngularJS: an introductionLuigi De Russis
 

What's hot (20)

Microsoft power platform
Microsoft power platformMicrosoft power platform
Microsoft power platform
 
What is an API?
What is an API?What is an API?
What is an API?
 
Azure Pipelines Multistage YAML - Top 10 Features
Azure Pipelines Multistage YAML - Top 10 FeaturesAzure Pipelines Multistage YAML - Top 10 Features
Azure Pipelines Multistage YAML - Top 10 Features
 
API-first design - Basis for an consistent API-Management approach
API-first design - Basis for an consistent API-Management approachAPI-first design - Basis for an consistent API-Management approach
API-first design - Basis for an consistent API-Management approach
 
Swift Programming Language
Swift Programming LanguageSwift Programming Language
Swift Programming Language
 
Introduction to GCP presentation
Introduction to GCP presentationIntroduction to GCP presentation
Introduction to GCP presentation
 
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>
今更聞けない電子認証入門 -OAuth 2.0/OIDCからFIDOまで- <改定2版>
 
Microsoft power platform
Microsoft power platformMicrosoft power platform
Microsoft power platform
 
Flutter presentation.pptx
Flutter presentation.pptxFlutter presentation.pptx
Flutter presentation.pptx
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect
 
Event Driven-Architecture from a Scalability perspective
Event Driven-Architecture from a Scalability perspectiveEvent Driven-Architecture from a Scalability perspective
Event Driven-Architecture from a Scalability perspective
 
API Management in Azure
API Management in AzureAPI Management in Azure
API Management in Azure
 
Building GraphQL APIs in C#
Building GraphQL APIs in C#Building GraphQL APIs in C#
Building GraphQL APIs in C#
 
Api gateway
Api gatewayApi gateway
Api gateway
 
API Frenzy: API Strategy 101
API Frenzy: API Strategy 101API Frenzy: API Strategy 101
API Frenzy: API Strategy 101
 
Business Values for IoT Solutions
Business Values for IoT SolutionsBusiness Values for IoT Solutions
Business Values for IoT Solutions
 
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
Modern Authentication -- FIDO2 Web Authentication (WebAuthn) を学ぶ --
 
Hackathon winning pitch
Hackathon winning pitchHackathon winning pitch
Hackathon winning pitch
 
AngularJS: an introduction
AngularJS: an introductionAngularJS: an introduction
AngularJS: an introduction
 
Apigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee Edge Overview and Roadmap
Apigee Edge Overview and Roadmap
 

Viewers also liked

Getting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesGetting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesAmazon Web Services
 
Weaving Containers in Amazon's ECA
Weaving Containers in Amazon's ECAWeaving Containers in Amazon's ECA
Weaving Containers in Amazon's ECAAmazon Web Services
 
Practical Steps to Hackproofing AWS
Practical Steps to Hackproofing AWSPractical Steps to Hackproofing AWS
Practical Steps to Hackproofing AWSAmazon Web Services
 
(DAT302) Relational Database Management Systems in the Cloud
(DAT302) Relational Database Management Systems in the Cloud(DAT302) Relational Database Management Systems in the Cloud
(DAT302) Relational Database Management Systems in the CloudAmazon Web Services
 
(SPOT208) How to Sponsor a Diversity Circle in a Tech Workplace
(SPOT208) How to Sponsor a Diversity Circle in a Tech Workplace(SPOT208) How to Sponsor a Diversity Circle in a Tech Workplace
(SPOT208) How to Sponsor a Diversity Circle in a Tech WorkplaceAmazon Web Services
 
Intro to AWS: Amazon EC2 and Compute Services
Intro to AWS: Amazon EC2 and Compute ServicesIntro to AWS: Amazon EC2 and Compute Services
Intro to AWS: Amazon EC2 and Compute ServicesAmazon Web Services
 
Creating Velocity in Data Centre Migrations to AWS
Creating Velocity in Data Centre Migrations to AWSCreating Velocity in Data Centre Migrations to AWS
Creating Velocity in Data Centre Migrations to AWSAmazon Web Services
 
(SEC403) Diving into AWS CloudTrail Events w/ Apache Spark on EMR
(SEC403) Diving into AWS CloudTrail Events w/ Apache Spark on EMR(SEC403) Diving into AWS CloudTrail Events w/ Apache Spark on EMR
(SEC403) Diving into AWS CloudTrail Events w/ Apache Spark on EMRAmazon Web Services
 
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013Amazon Web Services
 
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...Amazon Web Services
 
Transparency and Control with AWS CloudTrail and AWS Config
Transparency and Control with AWS CloudTrail and AWS ConfigTransparency and Control with AWS CloudTrail and AWS Config
Transparency and Control with AWS CloudTrail and AWS ConfigAmazon Web Services
 
(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014
(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014
(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014Amazon Web Services
 
(CMP201) All You Need To Know About Auto Scaling
(CMP201) All You Need To Know About Auto Scaling(CMP201) All You Need To Know About Auto Scaling
(CMP201) All You Need To Know About Auto ScalingAmazon Web Services
 
(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014
(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014
(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014Amazon Web Services
 
Simplifying The S's: Single Sign-On, SPNEGO and SAML
Simplifying The S's: Single Sign-On, SPNEGO and SAMLSimplifying The S's: Single Sign-On, SPNEGO and SAML
Simplifying The S's: Single Sign-On, SPNEGO and SAMLGabriella Davis
 
What’s New with AWS Mobile Services
What’s New with AWS Mobile ServicesWhat’s New with AWS Mobile Services
What’s New with AWS Mobile ServicesAmazon Web Services
 
(ARC402) Double Redundancy With AWS Direct Connect
(ARC402) Double Redundancy With AWS Direct Connect(ARC402) Double Redundancy With AWS Direct Connect
(ARC402) Double Redundancy With AWS Direct ConnectAmazon Web Services
 

Viewers also liked (20)

Getting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar SeriesGetting Started with Cognito User Pools - September Webinar Series
Getting Started with Cognito User Pools - September Webinar Series
 
Weaving Containers in Amazon's ECA
Weaving Containers in Amazon's ECAWeaving Containers in Amazon's ECA
Weaving Containers in Amazon's ECA
 
Practical Steps to Hackproofing AWS
Practical Steps to Hackproofing AWSPractical Steps to Hackproofing AWS
Practical Steps to Hackproofing AWS
 
(DAT302) Relational Database Management Systems in the Cloud
(DAT302) Relational Database Management Systems in the Cloud(DAT302) Relational Database Management Systems in the Cloud
(DAT302) Relational Database Management Systems in the Cloud
 
(SPOT208) How to Sponsor a Diversity Circle in a Tech Workplace
(SPOT208) How to Sponsor a Diversity Circle in a Tech Workplace(SPOT208) How to Sponsor a Diversity Circle in a Tech Workplace
(SPOT208) How to Sponsor a Diversity Circle in a Tech Workplace
 
Intro to AWS: Amazon EC2 and Compute Services
Intro to AWS: Amazon EC2 and Compute ServicesIntro to AWS: Amazon EC2 and Compute Services
Intro to AWS: Amazon EC2 and Compute Services
 
Creating Velocity in Data Centre Migrations to AWS
Creating Velocity in Data Centre Migrations to AWSCreating Velocity in Data Centre Migrations to AWS
Creating Velocity in Data Centre Migrations to AWS
 
Intro to AWS: Database Services
Intro to AWS: Database ServicesIntro to AWS: Database Services
Intro to AWS: Database Services
 
(SEC403) Diving into AWS CloudTrail Events w/ Apache Spark on EMR
(SEC403) Diving into AWS CloudTrail Events w/ Apache Spark on EMR(SEC403) Diving into AWS CloudTrail Events w/ Apache Spark on EMR
(SEC403) Diving into AWS CloudTrail Events w/ Apache Spark on EMR
 
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
 
How To Build Android for ARM Chip boards
How To Build Android for ARM Chip boardsHow To Build Android for ARM Chip boards
How To Build Android for ARM Chip boards
 
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
 
Transparency and Control with AWS CloudTrail and AWS Config
Transparency and Control with AWS CloudTrail and AWS ConfigTransparency and Control with AWS CloudTrail and AWS Config
Transparency and Control with AWS CloudTrail and AWS Config
 
(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014
(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014
(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014
 
(CMP201) All You Need To Know About Auto Scaling
(CMP201) All You Need To Know About Auto Scaling(CMP201) All You Need To Know About Auto Scaling
(CMP201) All You Need To Know About Auto Scaling
 
(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014
(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014
(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014
 
Simplifying The S's: Single Sign-On, SPNEGO and SAML
Simplifying The S's: Single Sign-On, SPNEGO and SAMLSimplifying The S's: Single Sign-On, SPNEGO and SAML
Simplifying The S's: Single Sign-On, SPNEGO and SAML
 
What’s New with AWS Mobile Services
What’s New with AWS Mobile ServicesWhat’s New with AWS Mobile Services
What’s New with AWS Mobile Services
 
(ARC402) Double Redundancy With AWS Direct Connect
(ARC402) Double Redundancy With AWS Direct Connect(ARC402) Double Redundancy With AWS Direct Connect
(ARC402) Double Redundancy With AWS Direct Connect
 
A guide on Aws Security Token Service
A guide on Aws Security Token ServiceA guide on Aws Security Token Service
A guide on Aws Security Token Service
 

Similar to (MBL402) Mobile Identity Management & Data Sync Using Amazon Cognito

Building Mobile Apps on AWS at Websummit Diublin
Building Mobile Apps on AWS at Websummit DiublinBuilding Mobile Apps on AWS at Websummit Diublin
Building Mobile Apps on AWS at Websummit DiublinAmazon Web Services
 
Deep Dive on User Sign-up Sign-in with Amazon Cognito - AWS Online Tech Talks
Deep Dive on User Sign-up Sign-in with Amazon Cognito - AWS Online Tech TalksDeep Dive on User Sign-up Sign-in with Amazon Cognito - AWS Online Tech Talks
Deep Dive on User Sign-up Sign-in with Amazon Cognito - AWS Online Tech TalksAmazon Web Services
 
Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)
Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)
Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)Amazon Web Services
 
Add User Sign in and Management to your Apps with Amazon Cognito
Add User Sign in and Management to your Apps with Amazon CognitoAdd User Sign in and Management to your Apps with Amazon Cognito
Add User Sign in and Management to your Apps with Amazon CognitoAmazon Web Services
 
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWSACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWSAWS User Group Kochi
 
Deep Dive on Amazon Cognito - DevDay Austin 2017
Deep Dive on Amazon Cognito - DevDay Austin 2017Deep Dive on Amazon Cognito - DevDay Austin 2017
Deep Dive on Amazon Cognito - DevDay Austin 2017Amazon Web Services
 
Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...
Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...
Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...Amazon Web Services
 
Build and Deploy Your Mobile Games
Build and Deploy Your Mobile Games Build and Deploy Your Mobile Games
Build and Deploy Your Mobile Games Amazon Web Services
 
Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...
Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...
Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...Amazon Web Services
 
Deep Dive on Amazon Cognito - DevDay Los Angeles 2017
Deep Dive on Amazon Cognito - DevDay Los Angeles 2017Deep Dive on Amazon Cognito - DevDay Los Angeles 2017
Deep Dive on Amazon Cognito - DevDay Los Angeles 2017Amazon Web Services
 
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...Amazon Web Services
 
(MBL302) Mastering Synchronization Across Mobile Devices, Login Providers, an...
(MBL302) Mastering Synchronization Across Mobile Devices, Login Providers, an...(MBL302) Mastering Synchronization Across Mobile Devices, Login Providers, an...
(MBL302) Mastering Synchronization Across Mobile Devices, Login Providers, an...Amazon Web Services
 
(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...
(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...
(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...Amazon Web Services
 
AWS Mobile Services & SDK Introduction & Demo
AWS Mobile Services & SDK Introduction & DemoAWS Mobile Services & SDK Introduction & Demo
AWS Mobile Services & SDK Introduction & DemoAmazon Web Services
 
Day 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKs
Day 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKsDay 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKs
Day 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKsAmazon Web Services
 

Similar to (MBL402) Mobile Identity Management & Data Sync Using Amazon Cognito (20)

Building Mobile Apps on AWS at Websummit Diublin
Building Mobile Apps on AWS at Websummit DiublinBuilding Mobile Apps on AWS at Websummit Diublin
Building Mobile Apps on AWS at Websummit Diublin
 
Fortify your API's
Fortify your API'sFortify your API's
Fortify your API's
 
Deep Dive on User Sign-up Sign-in with Amazon Cognito - AWS Online Tech Talks
Deep Dive on User Sign-up Sign-in with Amazon Cognito - AWS Online Tech TalksDeep Dive on User Sign-up Sign-in with Amazon Cognito - AWS Online Tech Talks
Deep Dive on User Sign-up Sign-in with Amazon Cognito - AWS Online Tech Talks
 
Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)
Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)
Build Your Mobile App Faster with AWS Mobile Services (Part 1 - AWS)
 
Add User Sign in and Management to your Apps with Amazon Cognito
Add User Sign in and Management to your Apps with Amazon CognitoAdd User Sign in and Management to your Apps with Amazon Cognito
Add User Sign in and Management to your Apps with Amazon Cognito
 
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWSACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
 
Deep Dive on Amazon Cognito - DevDay Austin 2017
Deep Dive on Amazon Cognito - DevDay Austin 2017Deep Dive on Amazon Cognito - DevDay Austin 2017
Deep Dive on Amazon Cognito - DevDay Austin 2017
 
Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...
Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...
Amazon Cognito Public Beta of Built-in UI for User Sign-up/in and SAML Federa...
 
Build and Deploy Your Mobile Games
Build and Deploy Your Mobile Games Build and Deploy Your Mobile Games
Build and Deploy Your Mobile Games
 
Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...
Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...
Raleigh DevDay 2017: Managing User Onboarding, Sign-up, Sign-in, Identity and...
 
Deep Dive on Amazon Cognito - DevDay Los Angeles 2017
Deep Dive on Amazon Cognito - DevDay Los Angeles 2017Deep Dive on Amazon Cognito - DevDay Los Angeles 2017
Deep Dive on Amazon Cognito - DevDay Los Angeles 2017
 
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
 
Amazon Cognito
Amazon CognitoAmazon Cognito
Amazon Cognito
 
(MBL302) Mastering Synchronization Across Mobile Devices, Login Providers, an...
(MBL302) Mastering Synchronization Across Mobile Devices, Login Providers, an...(MBL302) Mastering Synchronization Across Mobile Devices, Login Providers, an...
(MBL302) Mastering Synchronization Across Mobile Devices, Login Providers, an...
 
Building mobile apps on aws
Building mobile apps on awsBuilding mobile apps on aws
Building mobile apps on aws
 
Building mobile apps on AWS
Building mobile apps on AWSBuilding mobile apps on AWS
Building mobile apps on AWS
 
(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...
(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...
(MBL311) Workshop: Build an Android App Using AWS Mobile Services | AWS re:In...
 
AWS Mobile Services & SDK Introduction & Demo
AWS Mobile Services & SDK Introduction & DemoAWS Mobile Services & SDK Introduction & Demo
AWS Mobile Services & SDK Introduction & Demo
 
Day 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKs
Day 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKsDay 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKs
Day 2 - Delivering Media Mobile Apps Using the AWS Mobile & Javascript SDKs
 
Amazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Cognito Deep Dive
Amazon Cognito Deep Dive
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 

Recently uploaded (20)

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

(MBL402) Mobile Identity Management & Data Sync Using Amazon Cognito

  • 1. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Stephen Johnson, Solution Architect -- AWS Valentin Polouchkine, Developer Advocate -- Twitter October 2015 MBL402 Identity Management & Data Sync with Amazon Cognito
  • 2. What to Expect from the Session Dive deep into Cognito Identity Learn about Cognito Sync features Twitter Fabric and Digits demonstration
  • 3. Cognito Identity Authenticates Users - Third-party ID Providers - OpenID Connect Providers - Developer Providers Anonymous Identity Federation of Identities OpenID Connect Token Generation Amazon Cognito Overview Cognito Sync Store Customer Data in the Cloud Synchronize Data - Between Devices and Cloud - Across Devices Cognito Events - Trigger AWS Lambda Cognito Streams - Send to Amazon Kinesis
  • 4. Amazon Cognito - Identity
  • 5. Cognito Identity Developer Features Identify customers whenever they use my app No matter how they authenticate (across IDPs) Even if they don’t authenticate (upgrade when they do) Provide appropriate credentials for AWS access Any level of permission, for any service Distinguish authenticated and unauthenticated users
  • 6. AWS Identity Before Cognito AWS Security Token Service (STS) 5. Receive AWS Credentials 3. Assume Role2. Retrieve Identity Mobile Client Identity Provider 1. Authenticate 4. Validate Amazon S3 Web Identity -or- SAML -or- OpenID Connect 6. Store Data
  • 7. Cognito - Identity Storage Identity Pool No limit on # identities Up to 60 Pools / Account Usually associated with an app Trust Policy Access Policy Authenticated Role Trust Policy Access Policy Unauthenticated Role
  • 8. Using the Cognito in the Mobile SDK CognitoCachingCredentialsProvider provider = new CognitoCachingCredentialsProvider ( getApplicationContext(), "us-east-1:64813b20-4f17-491a-9287", Regions.US_EAST_1 ); provider.getIdentityId(); AWSSessionCredentials c = provider.getCredentials();
  • 9. Create an Identity Pool with Roles $ aws cognito-identity create-identity-pool --identity-pool-name mySamplePool --allow-unauthenticated-identities { "IdentityPoolId": "us-east-1:cb6ff5f8-f6aa", "AllowUnauthenticatedIdentities": true, "IdentityPoolName": "mySamplePool”} $ aws cognito-identity set-identity-pool-roles --identity-pool-id us-east-1:cb6ff5f8-f6aa --roles authenticated=arn:aws:iam:::role/Auth_Role, unauthenticated=arn:aws:iam:::role/Unauth_Role
  • 10. Create an (Unauthenticated) Identity $ aws cognito-identity get-id --identity-pool-id us-east-1:cb6ff5f8-f6aa { "IdentityId": "us-east-1:73dbf099-cb1b-4a32-90f0-6c224" }
  • 11. Get the OpenID Connect Token $ aws cognito-identity get-open-id-token --identity-id us-east-1:73dbf099-cb1b-4a32 { "Token": "eyJraWQiOiJ1cy1lYXN0LTExIiwidHlwIjoiSldTIiwiYWxnIjo iUlM1MTIifQ.eyJzdWIiOiJ1cy1lYXN0LTE6NzNkYmYwOTktY2Ix XUSUi27oUABCPA6Vx14WUTUCc7WfMqidQu5GIvZIiCvvTXG9EXY6 zsf1C5BhV9EVvtww", "IdentityId": "us-east-1:73dbf099-cb1b-4a32 }
  • 12. Cognito Token – JWT format (courtesy jwt.io)
  • 13. Assume Unauthenticated Role $ aws sts assume-role-with-web-identity --role-arn arn:aws:iam::role/Cognito_Unauth_Role --role-session-name steve --web-identity-token eyJraWQiOiJ1cy1lYXN0LTExIiwi dHlwIjoiSldTIiwiYWxnIjoiUlM1MTIifQ.eyJzdWIiOiJ1cy1lY XN0LTE6NzNkYmYwOTktY2IxYi00YTMyLTkwZjAtNmMyMjQ4NTg4O GFmIiwiYXVkIjoidXMtZWFzdC0xOjY0ODEzYjIwLTRmMTctNDkxY S05Mjg3LTJiMzc2YjgyNThjO
  • 14. Assumed Role Credentials (output) "Credentials": { "AccessKeyId": "ASIAJBGJ6DTQE5Q3N67Q”, "SecretAccessKey”:"aAa5v7/e+rk8Cr5VB+P4sL3DyaQJZ", "SessionToken": "AQoDYXdzEFAagAS8+GnLyCwthcqB /GftrGcCcY4cMi8sPOHXk1gNUkWvJIqkUcY4cMi8sPOHXk1gNUkW vJIqkv9uy9H07T4cY4cMi8sPOHXk1gNUkWvJIqk4PF/e==", "Expiration": "2015-09-17T00:15:53Z” }
  • 15. Unauthenticated Flow STS 5. Receive AWS Credentials 3. Assume Role2. OpenID Token Mobile Client Cognito “IDP” 1. Get New Identity 4. Validate Amazon S3 6. Store Data
  • 16. Revisit API for Authenticated Identities $ aws cognito-identity get-id --identity-pool-id <required> --logins <to fetch authenticated id> $ aws cognito-identity get-open-id-token --identity-id <required> --logins <to fetch token for auth’d id>
  • 17. Getting a Token : linking a login (promotion) get-open-id-token( Id = 2 , ) Id = 2 , Id = 2 Cognito promotes to “authenticated” , Returns same identity-id
  • 18. Getting a Token : lookup, return id get-open-id-token( Id = 3 Id = 3 , ) Id = 3 , Cognito returns The same identity-id
  • 19. Id = 2 Getting a Token : merging identities get-open-id-token( Id = 3 , ) Id = 3 , Cognito merges the Identities, returns an existing identity-id Id = 2
  • 20. Getting a Token : Not Authorized get-open-id-token( ID = 3 ,ID = 3 ) ) Cognito requires a valid linked login before giving a token for an authorized ID
  • 21. Authenticated Flow STS 5. Receive AWS Credentials 3. Assume Role2. OpenID Token Mobile Client Cognito “IDP” 1. Get or Create Identity 4. Validate Amazon S3 6. Store Data
  • 23. OpenID Information in IAM Policy (Trust) "Condition": { "StringEquals": { "cognito-identity.amazonaws.com:aud”:"us-east-1:identity-pool-id” }, "ForAnyValue:StringLike": { "cognito-identity.amazonaws.com:amr": ”authenticated” < or specify by provider… > "cognito-identity.amazonaws.com:amr": ”api.twitter.com” } }
  • 24. Restricting S3 Buckets by User { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": ["s3:ListBucket"], "Resource": ["arn:aws:s3:::EXAMPLE-BUCKET-NAME"], "Condition": { "StringLike": { "s3:prefix": ["cognito/myapp/"] } } }, { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject" ], "Resource": [ "arn:aws:s3:::EXAMPLE-BUCKET-NAME/cognito/myapp/ ${cognito-identity.amazonaws.com:sub}", "arn:aws:s3:::EXAMPLE-BUCKET-NAME/cognito/myapp/ ${cognito-identity.amazonaws.com:sub}/*" ] } ] }
  • 25. Using Developer Identities What if you already have a directory with names and passwords? You can federate your own identities using Cognito One server side API call: getOpenIdTokenForDeveloperIdentity
  • 26. Developer Authenticated Flow STS 6. Receive AWS Credentials 4. Assume Role Mobile Client 1. Authenticate 5. Validate Amazon S3 7. Store Data 3. OpenID Token Cognito “IDP” Developer Login 2. Request Token
  • 28. Developer Auth Demo STS 6. Receive AWS Credentials 4. Assume Role Mobile Client 1. Authenticate 5. Validate Amazon S3 7. Store Data 3. OpenID Token Cognito API API Gateway AWS Lambda 2. Get Token
  • 29. Pro Tips for Cognito Identity Always cache Unauthenticated Identity IDs Trap security errors so you know when to reauthenticate Be sure to customize the default Access Policies for Authenticated and Unauthenticated Identities If you use Developer Identities, lock down the login workflow.
  • 31. Cognito Sync Data Structure Identity Pool 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB 1 MB Each identity’s store contains up to 20 Datasets A Dataset contains Key/Value Records
  • 32. Protips for Cognito Sync Use SyncOnConnect, or explicit Sync calls depending on use case Sync happens at the Dataset level. Use different datasets for different Sync patterns If you require immediate updates, use Cognito Push Sync Implement SyncCallback if you want to know what’s going on, or give your Customers a better experience
  • 33. Cognito Sync Events Mobile Client 1. Sync Identity Pool Sync Data AWS Lambda Amazon DynamoDB Amazon Redshift 2. SyncTrigger Event 3. R/W 4. Write 5. Update
  • 34. Pro Tips for Cognito Events Handles Incoming Sync Data --whatever makes it in the store will be shared with all clients on sync You have control over what is stored: Add, Modify, or Delete Records Modify Record Values (create ‘Read Only’ Values) Use DynamoDB, S3, or Amazon RDS to support complex use cases Validate values to detect exploits or cheating
  • 35. Cognito Streams Mobile Client 1. Sync Identity Pool Sync Data 3. Update Amazon Kinesis Amazon Redshift Amazon S3 2. Stream
  • 37.
  • 38. What’s in the box? Crashlytics Kit Stability Twitter Kit Social MoPub Kit Revenue Digits Kit Identity
  • 39. Basic flow Phone Number SMS (Confirmation Code) Stable ID, oAuth Token Confirmation Code
  • 40. Digits iOS, Android, JS 216 countries, 28 languages Digits.com: 2FA, phone number change Voice verification as fallback
  • 43. Related Sessions SEC307 - A Progressive Journey Through AWS IAM Federation Options SEC305 - Become an AWS IAM Policy Ninja in 60 Minutes or Less MBL309 - Analyze Mobile App Data and Build Predictive Applications