User Auth technique

-

 



Full Federated Login Flow: Cognito + Azure AD


1. User triggers login

Your app redirects the user to this Cognito URL:

https://prod-timemate.auth.us-east-1.amazoncognito.com/authorize?client_id=jssams30e4gciifv89j6abc5f&response_type=token&scope=email+openid&redirect_uri=https://app.timemate.aeturnum.com%2Ftimesheet


2. Cognito redirects the user to Microsoft login (Cognito redirects to Azure AD)

3. Azure AD authenticates the user

  •  Azure checks its own user pool for the username and password.
  •  If the user exists and credentials are valid → login success.
  •  Azure returns an ID token (and maybe access token) to Cognito.


4. Cognito extracts user info

  •  Cognito reads claims from Azure’s token (like email, `sub`, name, etc.).
  •  If this is the user's first login, Cognito creates a federated user in its user pool (linked to Azure AD).


5. Cognito issues its own token

  •  Cognito now generates and returns a Cognito JWT token (ID token + access token) to your app.
  •  This is what TimeMate app uses to authenticate the user for its backend and APIs.


Summary:

“We call AWS Cognito → Cognito calls Azure → Azure checks its user pool and credentials → Azure returns token → Cognito extracts user info from the token → Cognito creates the user in its own user pool → Cognito issues its own token.”


Token Source: Azure AD token

Purpose: Proves the user is real/authenticated by Microsoft 


Token Source: Cognito token

Purpose: Used by your app to authorize access to resources (APIs, user info, etc.)


Cognito does not pass along Azure’s token to your app — it issues its own.


Comments

Post a Comment

Popular posts from this blog

Database - Topics

-
Image
 Topics  01. Steps in SQL Query Execution 02. How does the database create a query plan 03. How Query Plan Caching Works 04. What is the need for an execution plan? 05. How Do Query/ Query Plan Execute (Inside MySQL Server) 06. Importance Of Undo Log 07. How Row Lock Is Handle When Query On The Table Row 08. Technique to recover the committed changes 09. Auditing technique 10. Query cache 11. DB connection pool 12. What is ACID? 13. Optimizing SQL queries
Read more

02. Spring – Creating spring project clone it with GIT step by step.

-
Image
  Creating spring project clone it with GIT step by step. 01. Create an empty GIT repository and select a repository name. 02.   Check to add README.md and technology to add it inside the gitignire file0- it will include all the generated class when we complete the application. 03.      Copy the github repository URL. 04 . Open eclipse and go to,             Window – Show View – Other - Type git on the folder and select git repositories. 05.   Now clone this repository at your desired location in which we are going to keep the project specific file . a)         a)  Step One.             b)  Step  Two .          c)    Step Three. Both projects are generated as bellows           d) Step Four  Open the gitingnore file and ignore the target folder of the project. All the class files which are ...
Read more