After grinding for 10 years, working with different indie labels and flirti… Read Full Bio ↴After grinding for 10 years, working with different indie labels and flirting with fame, Cognito has found the perfect label to call home: Strange Music, one of the most successful independent music labels in the world. “They work hard like I work hard,” assures COGNITO. “They put everything into their artists.”

The dogged determination to prevail at any cost that both Strange and COGNITO share couldn't be a better match. The Fairfield, Calif.-raised father of two has poured his heart into albums, toured relentlessly, and stayed in the studio late numerous Friday nights when he could've been chilling at home with his family – all for the love of the game.

Growing up in the North Bay, COGNITO fast became intrigued with the burgeoning local hip-hop scene led by E-40 and B-Legit. The two hip-hop heavyweights exposed the young emcee to the hip-hop community, tapping his services at the Sick Wid It offices and schooling him in the art of promotion. He is the first to admit he was not the best student. But writing stories was his strong point in school. He started writing rhymes at 16, taking his cue from the people he was around. Yet it was hard to take rapping seriously as a career. A white rapper just wasn't considered normal yet. It wasn't until three years later, when Eminem's The Slim Shady LP released, that COGNITO's path became clearer.

“I don't think being a white rapper has held me back,” relays COGNITO about the always-controversial topic of the White Rapper. “It got me seen more. It got me out there. I stand out because I am white. But let my music speak for itself.”

As for the Eminem comparisons, COGNITO is flattered but suggests otherwise.

“When Eminem dropped minds were blown. I look at the Eminem comparison as an honor. He's the best rapper in game. But never once has a guy I work with said I sound like Eminem.”

At age 21 COGNITO earned himself a new title; father. In order to care for his family, he put hip-hop on the back burner for the next year, popping into the studio every so often to record tracks with producing partner D Buck. Mike Mosley, who had worked with E-40, TQ, C-Bo, Richie Rich and Tupac, heard COGNITO's music, and in 2002, offered him a deal with his Steady Mobbin' label.

“When Mike wants to offer you a record deal,” COGNITO states, “you take your career serious.”

COGNITO never dropped an album, but he did make a handful of important connections in the industry, one being QD3 producer Femi, one of the two producers he still consistently works with today. He continued doing shows and brushed up on the record industry rules.

2006 was a big year for COGNITO. He hooked up with Master P and his newly formed Gutta Music to release Recognition. It was an honor to be affiliated with P, a hip-hopreneur COGNITO had admired since hearing his West Coast Bad Boyz compilation in 1997. COGNITO would score his biggest hit to date, “Shift Kits,” from the Shift Kits and Hood Chicks DVD.

COGNITO stayed busy touring with fellow Bay Area rapper Andre Nickatina. When Nickatina took some time off, COGNITO hit the road solo. As fate would have it, COGNITO and Strange shared the same booker. Together on a string of show dates, COGNITO witnessed Strange's impressive stage show and extreme professionalism. COGNITO even shared a joke with Tech: He had previously recorded over Femi's “Slacker” beat, a song that appears on Tech's Absolute Power (2002).

The groundwork for the COGNITO-Strange merger was set in motion. Three years later when hip-hop activist Violet Brown, a longtime supporter of Strange, approached COGNITO about shopping a deal to the indie powerhouse, he was with it.

One conversation with Strange Music co-owner and CEO Travis O'Guin and another with Dave Weiner, Vice President of Strange Music West, plus one visit to Kansas City, the label's home, and COGNITO knew he was home. “I know it sounds cliché, but you can do anything you want,” tells COGNITO. “My motivation has been people saying I couldn't do this. I'm hardheaded. At the end of the day, you have to go get it and no one is going to give it to you. But I look at my progression. Seeing what I'm accomplishing on my own and knowing that if I go get it, it could happen. There hasn't been a goal I shot for that I haven't achieved when it comes to my music.”

Building on his own persistence, COGNITO is quick to admit his success has been buoyed by his supportive team: Violet Brown, Femi, Mike Mosley, Darien Smith, his studio engineer for the past seven years. The 29 year old has had an amazing team behind him, which has catapulted him to where he is today. Currently, COGNITO is working on his Strange debut, Automatic, scheduled for a February/March 2010 release.

“Stylewise, I'm a storyteller,” COGNITO points out. “Whether it's a club track or a serious, depressed track, I'm going to tell you a story and get my message across to you. I like when people can relate to a song. That's what I love more than anything.”

“I don't follow trends,” he adds. “I pride myself in making my music real. I don't like to front, but I also like to have fun. Take me serious, but don't take me too serious. Listen to me with an open mind. I want to be an inspiration like my musical influences were to me.”

As COGNITO prepares for the next stage of his career, he is more than ready for the full-time grind.

“From 21 until now I have given this everything. I don't stop until I achieve my goal. With Strange backing me, I feel that I can accomplish all my goals. I got a shot like this and I'm going to run with it and make it happen.”

Move Back
Cognito Lyrics

We have lyrics for 'Move Back' by these artists:

5five Double five in the building Muje baya From El Gringo to Man…
Azad Wieder unterwegs, bin im Modus Bin auf Jagd, Digga, du gerät…
Casabelo Baby Move back Ich Shoote Ja der Hype steigt weiter Buy,…
L.S.I I been on a war path I'll burn a fucking…
Ol' Dirty Bastard [Intro: E-Snaps] Aww, man, yeah, Lenox Ave. Boyz Aww, man,…
Thi'sl Hey yo I slid through the spot About a quarter to…

We have lyrics for these tracks by Cognito:

Big Bank [Hook: repeat 4X] We got big bank, big rank walkin through t…

Born 2 Be Fly Cause I was born 2 be fly (Tech N9ne): Strange music bab…
Depression I got issues only I can have That's why I…
I Can't Think About It Day time I control my feelings, night times like a…
I'm Goin' Crazy Now that i sing with strange music the industry about to…
My Lil Girl I make her hold all my percs in her purse,…
Outcast When I think about the past of my life, and…
Pain How do you deal with the demons that seem to…
Pill Poppin' Music INTRO In my opinion, it's the music these days. These rap…
Stranger (Tech N9ne) I remember when they used to point they fingers…

Stranger (Ft. Tech N9ne Big Scoob Kutt Coulhoun Stevie Stone (Tech N9ne) I remember when they used to point they fingers…

The lyrics are frequently found in the comments by searching or by filtering for lyric videos

TRACKS

No Related Genres

More Genres

No Artists Found

More Artists Load All

No Albums Found

More Albums Load All

No Tracks Found

Genre not found

Artist not found

Album not found

Search results not found

Song not found

Most interesting comments from YouTube:

Be A Better Dev

3y↑1

Hey josh,

Have you tried taking a look at my video on HTTP APIs in API Gateway? I think you can possibly combine the content from this video and the one below.

https://youtu.be/M91vXdjve7A

Hope this helps.

Daniel

Be A Better Dev

3y↑3

Hi Juan. So there are two flows, implicit and explicit. With implicit, the auth server sends the token to your agent / web browser. With explicit, the user agent would only receive the authorization code which would then need to be provided + the application access key to the auth server for final authentication.

In your case, it sounds like you want to use the implicit flow if you'll be receiving this to a web browser. The token itself will be embedded into the callback url and you can extract it from there. Afterwards, use the token to make subsequent calls to API gateway and encode it in the request as Bearer.

In terms of storing this for later, you should use browser cookies to store the JWT until the expires_in time is reached (this is also provided via the callback url).

There's a couple great resources to take a look at here:

https://stackoverflow.com/questions/16656958/stackexchange-api-implicit-vs-explicit
https://aws.amazon.com/blogs/mobile/understanding-amazon-cognito-user-pool-oauth-2-0-grants/

Hope this helps,

Daniel

All comments from YouTube:

buck_boy

2y↑12

love that you don’t scrub the mistakes out of your videos. thats how real life goes, and i feel it’s important for those new to the industry to see their seniors working through mistakes. great video.

Be A Better Dev

2y↑4

Mistakes happen in real life! Its important to see the whole process :D

Eugene Vedensky

2y↑9

This video along with your RDS lambda integration video is pretty much all you need to get a robust web app going super quickly. Great content.

EDIT: In case you ever read this, do you have any insight how you might apply RBAC with this strategy?

Alexey Egorov

3y↑37

Finally a video that really shows the hands-on, and not just telling me how awesome Cognito is. :)

Apratim Shaw

2y↑2

I had to skip through 3 cognito-is-awesome videos to get to this one. Why isn’t this video the first search result? Thanks for creating this.

Be A Better Dev

3y↑1

Thanks Alexey! I appreciate the kind words :)

Mauricio Ahumada

2y↑1

Great video. I think there's a little change in the way the authorization token is validated in the api gateway, in order to send a request using postman make sure you send the token using the Authorization tab and selecting "Bearer " on the dropdownlist. Do not include the token on the URL as this will not be correctly authorized by api gateway.

Silvia's Brainery on YouTube

Can you explain this a little more, please?

Kishan Lal

2y↑3

23:49 I guess you don't have to do that manually if you allow only the 'Implicit grant' when you check the 'Allowed OAuth Flows' section at 7:25 which would set the response_type to token automatically. But, this is not suggested unless you're using a Single Page App without any backend

Mark Fiala

2y↑1

Fantastic video, I really appreciate it. In my case though, I’d like to use Cognito in kind of a stateless situation, I would prefer to enter the login and password in the header ( or base64 version of it with basic authentication) instead of logging in to get it token first. Reason being I’m connecting it from the output of other web services that do something and there isn’t really the mechanism to get a temporary token. Any ideas how to do that?

Tribal Dragon

2y↑2

Great explanations!! One question, on authorizer test , you used Token id but calling the api path from Postman you put in header the access token instead. Whats the difference and why each one needed in the corresponding scenario?

Jonathan Falcone

3y↑10

This video is amazing! Very generous of you to take time and publish this for public viewing. Just out of curiosity is it possible for a user to login via the HostedUI and then have access to api gateway via the browser? If you don't have tech savy customers they likely don't want to access the API via Postman but would prefer to just login and have access, any chance if you know this is possible ? Thanks so much again :)

Silvia's Brainery on YouTube

@Be A Better Dev i guess this answers my question.....

Be A Better Dev

3y↑1

Hi Jonathan,

Hm, I don't think this is possible using any out of the box tools unfortunately. Sorry to share the bad news. I think it wouldn't be too much work to create a simple React app with a couple input boxes / text areas to call the corresponding UI once logged in.

Thanks so much for the kind words!

Daniel

zeroeffect

Thanks for the great video! I'd gotten past the initial login step just fine but had no idea what to do with the tokens passed back. Got a bit of template work to do linking the Lambdas/Gateway/Cognito but it should be easy peasy thanks to your demo.

Ajay Gulani

2y↑1

Great video! Just a question - how come when you point to the URL for the API it does not redirect to the login page? or would you need to create that in your client side code in something like an "IF" statement?

Daryl

3y↑4

This was a brilliant tutorial. I have watched many videos from various people on youtube, udemy and you name it, I have been on the sites. Yet you talked in such a, lets get this done and ill show you manner instead of lots of talking but spoke about a process when needed was just great. I learned alot from this, thank you. I subbed and liked this video.

Be A Better Dev

3y↑2

Thank you so much for your kind words Daryl. I always try to present my content in a relatable way that synthesizes the complexity of a topic into an easy to understand presentation. I'm glad you found this useful - and thank you for the kind words!

Daniel

jeromeeusebius

2y↑1

BeABetterDev: Thanks for putting this video together. I followed the API Gateway Lambda one and this version with Cognito. The option is Cognito is much richer and I will be exploring it with my app. It is good that the video is also an actual workthrough with details and it was easy and nice to follow and I was able to replicate the results.

Be A Better Dev

Glad this was helpful!

Fatih Ersoy

This video made me subscribe to your channel immediately. It's impressing how easy to understand from you, especially after spending hours on understanding nothing about the topic.

Mark Thien

1y↑3

The id_token is for your application to process, so you can get all the personal details for your user, like their name, age, email address etc. Generally speaking you shouldn't send this token anywhere else as it contains sensitive user data.

The access_token is used to call other 'external' services (and by external I include other AWS services - these are often called over http). It provides service access authorisation for your user without having to include their personal details.

On the face of it this appears slightly confusing as you can actually use the id_token to access services in the same way as the access_token. However, good practise is to use the access_token in this circumstance and if backend services need user data, they should look it up themselves in Cognito.

honey kumar singh

@natraj kalyan did you find nay solution for this?

natraj kalyan

1y↑1

Any idea why did the API cognito authorization fail when the access_token is sent with the request?
Is there a way to configure to accept the access_token but not the id_token?

Ricardo Inacio

3y↑3

I want to thank you! This lesson was really helpful and straightforward. Congratulations!

Be A Better Dev

You're very welcome Ricardo! Thanks for the kind words!

Meysam Mahmoudi

2y↑1

This is a really great video, simple and straightforward. thanks a lot

Josh Peak

Currently running into issues trying to adapt this to the "HTTP API" on API Gateway to use Cognito User Pools as an authorizer but stumbling on the step about JWT as a source. I'll fumble my way through it and I wanted to say that I am grateful your content getting me this far. Authorizing the new HTTP API Gateway could be another idea for content if that's something to add to your list of content ideas. Thanks for the high quality content though ^_^

Be A Better Dev

Thanks so much Josh! I'm glad you were able to work through it and appreciate the support! Thanks again and stay safe :)

Be A Better Dev

3y↑1

1 More Replies...

Rohit Ghali

3y↑3

Mind blown... Was looking for exactly this. Fantastic.

Be A Better Dev

Glad you enjoyed Rohit!

Ryuugaminechan

3y↑2

Was stuck with this for a couple of hours now. Didn't realize that you need to deploy the API after making changes. This video really helped me. Thanks!

Be A Better Dev

3y↑1

You're very welcome!

Tony G

Apparently using the hosted UI direct from the console is problematic in Safari (15.4) : Blocked form submission to '...' because the form's frame is sandboxed and the 'allow-forms' permission is not set. Works fine in Chrome.

Arend Peter Castelein

3y↑7

Hi, thanks for making this, it was super helpful, and well explained

I was able to get everything from the tutorial working, but once the lambda is called, I'd like to access the cognito user id so that I can update user specific information. I was hoping that apigateway would pass along the user id and/or token over to lambda, but it doesn't. How would you handle this?

EDIT: Figured it out, I had to check the "Use Lambda Proxy Integration" at 17:46. Then all the header/query info become available through the lambda event variable

FireFighter80

Helped me a lot. Thank you!

Be A Better Dev

3y↑1

Hi Arend, just got to this comment now - I see you got your question answered, glad to see. Thanks so much for the kind words and glad I could help!

Chris Nuttle

Actually practical thanks a lot. This has helped me a lot.

arpan khetani

Thank you for the well explaination of the Cognito and the demo.. It worked smoothly for me following the steps you mentioned..

Sébastien Crepel

2y↑1

Hello. Thank you so much. This step by step video is a gold mine !

Be A Better Dev

You're very welcome Sebastien!

gal zafar

I liked the tutorial, very clear and precise. how do you accomplish machine to machine authentication ie. using a client id and secret (from my shallow understanding). as I understand I would either send the client id and secret to the endpoint, and the api gateway will take care of it, which is a better option in my opinion. the other other would be to request an access token (using the id and secret) and then using that to authenticate.

what is the "right" way?

Ryan L

Dude, this video is gold. Thank you 🙏

Nayan Choudhary

3y↑4

Thanks for this, just what I needed. Next, can you show how to provide access to user to a subset of lambda functions or APIs, instead of access to all?

Hussain Mohammed Ashruf

1y↑1

Daniel excellent. Covered much in the 30 minutes. I am a bit confused about JWT Id Token vs Access Token which one to use in the Authorization Header. While testing the Cognito UserPool you have used JWT Token vs While testing the API used Access Token.

Juan Sebastian Anzola Cortes

3y↑1

This is awesome. Thanks a lot.

I know this falls out of the scope of your videos, but maybe do you know how to get the JWT in the callback URL using JS or something and how to store it in a secure way to make subsequent calls to Api gateway?

Be A Better Dev

3y↑3

Juan Sebastian Anzola Cortes

Also in a normal Auth flow the user won't change the response type. So, how do you handle that?

Chitra Mandhare

This video is really helpful. However, if the login is not via username and password , but through Ldap then how to use that to authorize the user in Cognito.

Arkadiy Shuvaev

2y↑1

Great work! I have learnt a lot from your video. Thank you and all the best :)

Jake B

3y↑3

THANK YOU!!! I spent my entire day trying to figure out why I wasn't getting the id_token returned and it was because the URL i was using didn't have openid added to the URL!!!! I read every doc and stack overflow article I could find, thank you for making this video!! You got yourself another subscriber :D

Be A Better Dev

3y↑1

Hi Jake,

Super glad I was able to help you out. Thanks so much for the kind words and welcome to the channel!

Daniel

Ihor Konovalenko

2y↑1

Thanks for great practical explanation! Very useful video.

Be A Better Dev

Glad it was helpful!

psychic88

Can you use as callback the API url? It should be possible to configure the authorizer I believe to read the token of callback. Thank you for the helpful video

Luis Muñoz

Excellent video! What should I do if I want to use an access_token for a long time? The access_token must be between 5 minutes and 1 day.
Thanks in advance.

Cas S

2y↑1

Thank you for your videos. They are amazing, the notification is enabled in order to receive news content 😀

Be A Better Dev

Thanks Cas!

Michael Akin

Thanks for this video. Question. Why does AWS not require "Bearer" in the Authorization header like seems to be standard everywhere else?

Tricia Lee

Thanks for a great tutorial. Can you also share on how I can get the apigateway endpoint to be open (no auth) but being able to retrieve cognito user information if user is logged in? I've been looking for way to retrieve cognitoAuthenticationProvider. If user is not logged in, it'll be either empty or unauthorized. If logged in, user id will be there.

Dee Cee

3y↑2

love this video, more on serverless architecture pls

Be A Better Dev

Thanks Dee, more coming soon!

Sergey Wader

3y↑1

Cool! awesome demo and great explanation.

Be A Better Dev

Thanks Erick! Glad you enjoyed.

Radu

3y↑1

Amazing job,man. THANK YOU SO MUCH

Prashant Shandilya

amazing video, just right speed and right contents for api security with AWS

Tonislav Atanasov

3y↑1

Exactly what I was looking for. Thanks! You just got yourself another sub

Be A Better Dev

3y↑1

Thanks Tonislav and welcome to the channel!

Umer Farooq

3y↑2

Who were those with 5 downvotes?
Perhaps this was one of the best and easiest tutorials to understand the concepts.

Aleksi Puttonen

3y↑1

Is there a way to make the cognito-authorizer only allow certain usergroups from Cognito to invoke the lambda or do I need to make own lambda authorizer?

st3114rr

3y↑1

This was so helpful--thanks a ton!

Be A Better Dev

You're very welcome!

Shaun Mccullagh

Superb video, great stuff many thanks for posting

Simon Waffleman

Would love this in Terraform instead of the UI so that can examine the details in GitHub or something.

lucasterable

2y↑1

Can a client app login into Cognito programmatically to get the token? That is, in an IoT context where no browser is involved involved.

sheiy

1y↑1

Could your make a Identity Pool video of how to set different users have different API permissions

Rodrigo de Souza

2y↑1

Freaking amazing video!! Kudos for u! Learned a lot!

Be A Better Dev

You're very welcome Rodrigo!

Héctor Manuel Muñoz Flores

Hi! Good video, do you know why when I update my api from amplify cli it deletes my cognito authorizer?

freit77

2y↑1

Thank you for this really useful content. But I'm really confused to see access and id token encoded at the url. Isn't that an security issue, because everyone with the access token can call the api?
Another question is, how do I integrate this into my web application? redirecting the user to the hosted login page in case of an unautherized (http 403) request? Can anyone help here? Tanks and regads

brent marquez

@Be A Better Dev Are there any resources or tutorials showing how to implement Auth Grant Flow combined with PKCE? Do you have a tutorial on this?

Matt

@Be A Better Dev What if I had kept the auth code in the URL? I had thought API gateway was the "backend" that is able to exchange the code for the token, what am I missing?

Be A Better Dev

2y↑1

Hi freit,

Having the access & id token in the URL is because we were using the OAuth 2.0 Implicit grant flow. This flow is designed to be used by applications that have no available backend (i.e. single page apps). A much better approach is to use the Authorization Grant Flow which involves exchanging the authorization code (provided in the URL) for an access token. This approach combined with PKCE ensures no Man in the Middle attack is possible.

To integrate with your web app, you can either use the Amplify toolkit or call the cognito endpoints directly.

Hope this helps!

dhanu routu

3y↑5

How can we give access to a specific API to a user using the cognito authorizer?

etseale

3y↑1

Nicely explained! Even I understand it. :) Thank You!

Be A Better Dev

3y↑1

Thanks etseale! Glad you enjoyed :)

Torey Littlefield

3y↑1

Masterclass. Thank you 🙏🚀

Be A Better Dev

You're very welcome Torey!

Dek Code

3y↑1

This is gold. Thanks man

Be A Better Dev

You're very welcome Dek!

Cachuela, Saimon Robert L.

3y↑1

You're an absolute mad lad! saved me hours of reading docs lol

Be A Better Dev

You're very welcome Cachuela!

Isha ranka 60

2y↑1

thank youuuu for this tutorial. Helped me a lot!!

Be A Better Dev

You're very welcome!

Mark Thien

Very nice tutorial bro!

Cormac _

As far as I know if you don't add any scopes to the method you can invoke with the id_token.

V Kumar

3y↑1

Thanks, this is just an excellent tutorial !!!

Be A Better Dev

Thanks V! Glad you enjoyed :D

Raed AbuSanad

Hello, how can I limit number of requests of a cognito user is allowed to an api gateway ? E.g a SaaS application where users pay for making 100000 request per year.

Marto Rebufello

Hey man, for some reason it's all good whenever I use a token provided by launching the UI from aws. Tho whenever I use a token from my localhost (it's provided using the amplify-ui authorizer, very similar to the otherone) it doesn't work. Any idea what could be going on?

Valir Jonathan

Great. Please do how to secure API Gateway with Firebase Auth. Much thanks.

TejaWithData

Thanks a lot, you saved my day

pakito de rivera

2y↑1

Thanks a lot! Great explanation.

Be A Better Dev

You're very welcome Pakito!

Eider Antonio Arango Amaya

Thanks bro, nice video. Highly appreciate it.

Craig MacRitchie

3y↑1

This was great! awesome job Daniel!

Be A Better Dev

Thanks Craig! Glad you enjoyed :)

Leo Papadopoulos

I am confused with the ending of the video. Postman just tests the request? How would I go from here so that each endpoint accepts the user with the Key and Value he shows in postman? Will it be done programmatically? Via AWS?

Ted

2y↑1

This was awesome, but could you show how I could get from curl/Postman how to get the access token?

Let's Tak

Nice explanation. Thank you

Scott Jennings

2y↑1

this just saved a ton of time. Forgot to deploy API and was using the test URL or some shit. Thanks bro

Be A Better Dev

2y↑1

You're very welcome Scott! I've been bitten by that problem too many times.

Pavan Sibal

3y↑1

Thanks for a great tutorial. How can I use Amazon Cognito in multi-region scenario?

Be A Better Dev

3y↑1

Hi Pavan, it looks like AWS now supports this natively. Check out the announcement here: https://aws.amazon.com/about-aws/whats-new/2020/04/introducing-multi-region-user-pools/

Berk Selvi

3y↑1

Thanks for great explanation !

Be A Better Dev

You are welcome!

mohamed habib

Authorizer starts @20.00

Moises Flores Estay

3y↑1

Muy agradecido! Gracias!

Be A Better Dev

You're very welcome Moises!

Tasleem Hussein

3y↑1

Awesome video, thanks bud!

Be A Better Dev

You're very welcome Tasleem!

Swaminath Bera

Awesome Man, Thanks for the hard way tip!! 😇😇

Saurabh Agrawal

3y↑1

Thanks for this tutorial, its really nice. Could you let me know, Is there any another way to protect the lambda function to direct call? Someone know about my lambda function and want to protect it from direct call. Looking forward you reply. Thanks in advance.

Be A Better Dev

3y↑1

Hi Saurabh, see my email :)

Juan Arbeláez

Thanks bro you saved me!!!!!!!! great video

inacomic

2y↑1

Top man! Thank you for creating this - and including the fail! lol

inacomic

@Be A Better Dev Hi 👋 Do you have a video walking through adding a cognito user to a dynamodb?

Be A Better Dev

2y↑1

You're very welcome! The fails just adds to the realism :P

Cheers

Asfand Nadeem

I am using it with Google SSO. I receive the tokens in the form of uri fragments but is there any way for it to be part of the request body?

Shayan

3y↑1

Hi, thanks for the great tutorial. I followed all the process but still when i sign up my user, it does not send any verification code or link to the designated email thus user remains unconfirmed. I even send the response
event['response']['autoConfirmUser'] = True
event['response']['autoVerifyEmail'] = True
return event

Yet it still keeps all users unconfirmed. Any idea what might be wrong ?

Shayan

@Be A Better Dev never mind its working now. Thanks for responding though. When i was passing event in a function and then setting those autoConfirmUser to true and returning event then it wasnt working.. now that i am doing same thing only in lambda_handler without passing to any function, then it is working... not sure what i did wrong.

Be A Better Dev

Hi Shayan,

I haven't encountered this issue before. Did you by chance check the spam / junk folders?

Eudes Duarte

Is this like kinda like Firebase Authentication, but where you have more control?

mohammad reza bagheri

2y↑1

Thanks, awesome job!

Be A Better Dev

You're very welcome Mohammad!

Nathan Ellis

3y↑1

Difference between access and ID token? Also when and how would you refresh these tokens?

Nathan Ellis

@Be A Better Dev thanks !

Be A Better Dev

3y↑1

Hi Nathan,

Check out this link for a great answer to this your question: https://stackoverflow.com/a/48544379/13872863

Touhidul Islam

How can I use the Cognito user pool to verify the android/ios app user? In that case, the app has no domain or call-back URL. How to manage tokens than?

David Monsalve

3y↑1

Thank you very much, this video helped me a lot.

Be A Better Dev

You're welcome!

Rakandhiyaaa

3y↑2

thank you so much for the tutorial, I have a question: suppose I am using amazon cognito for authentication, and I have a table in AWS RDS that requires me to have a user id for foreign key purposes, is that doable with amazon cognito? if it is doable, what do I need to do?

Brayden Wilson

I am new to AWS new stack but spend a lot of time with basic AWS service, GCP, SAP Cloud and Other Cloud Vendor.
It seems to be a vendor locking thing, after little research, it seems you can only use APIs to get things done.
It stores 25 fields max for a user and everything is money this is the part they will grab by neck you so you can not jump board if your application needs to be switch outside the AWS.

Phan Trần Phú Huy

I have the same concern with you. I also want to import user_id and their full name in the RDS to manage users. Please clarify this, Daniel

Vishal Sangle

Very very helpful.How can I create multiple users (1k) at a time with password confirm status.where when users are created it can be login such without verification code

suhaib khaseeb

3y↑1

The missing piece was how to connect to cognito to issue the token from postman

Ahmed Shams Chowdhury

A bit Confused when to use id token vs access token in the Postman URL. Looks like you were not sure either..

Ko0lHaNDLuKex

This was great! Thanks a lot.
Now I just need to figure out how to IaC this with Terraform!

Be A Better Dev

3y↑1

You're very welcome! For IaC, check out CDK! It can compile down to Terraform!

A Metaphysical flying fork

One detail for baby step people like me
Add a quick line at the beginning saying what the assumed knowledge is (I assume you know what cognito, api gateway and lambda are, for example)

narendra yadav

2y↑1

Hello sir, this video is nice and helpful but when we hit our endpoint url with using AWS, then we getting a same error authentication token missing, how to solve this error.

Saeed Uchiha

I got an unauthorized_client error too! Any luck on how to solve it?

Imagesxpert Media

Great job. Please do you offer mentorship program. I need to lean more on AWS infrastructure projects

Randika Munasinghe

Can we link cognito with AWS cloud front ?

Harsh Vardhan

If we know ID token and access token from URL, can we not use these token directly to break into the API server in the live environment? Suppose a hacker gets to know our tokens from URL on our browser and hit the API on Postman with those tokens. How do we ensure that API calls are authorised only from the browser or app and not elsewhere?

Be A Better Dev

Hi Harsh,

What you are describing is the challenge with the implicit grant flow. The token is returned directly to the client and can potentially be intercepted. What you may want to consider is using the authorization grant flow. In this model, you only receive back an authorization_code on your application. You need to call back to the /token endpoint to exchange the authorization code for an access token. There is also a protocol extension called PKCE that ensures that only the client that originally requested the authorization_code will be able to exchange it for the access_token. Hope this helps.