How to use Amazon Cognito without Amplify

Michael Prescott picture Michael Prescott · Mar 19, 2021 · Viewed 7.2k times · Source

I'm just now diving into Cognito. The AWS setup has been fairly straight-forward, easy.

We have a variety of apps, webapps, and services and we'd like those to make use of the Cognito service. I've experience setting up similar with Auth0, but because we've been leveraging a number of Amazon Web Services, it really makes sense to use Cognito as well.

Everywhere I look, every guide eventually references Amplify client-side library and cli. We have existing apps and services, and really don't want to change tooling or import anything unnecessary to add bloat and complexity. Is there a way to use Cognito service without Amplify libraries? Is there a lightweight Cognito-only client library for interfacing with the Cognito service, authentication-and-authorization flow?

Answer

oieduardorabelo picture oieduardorabelo · Mar 19, 2021

Update 03 Dec 2021

After re:Invent 2021, "Amplify Admin UI" was renamed to "Amplify Studio". With extra powers now:

  • automatically translates designs made in Figma to human-readable React UI component code

https://aws.amazon.com/blogs/mobile/aws-amplify-studio-figma-to-fullstack-react-app-with-minimal-programming/

===============

Original Answer

To start, I want to clarify that "Amplify" is an umbrella term for multiple things. We have:

  1. Amplify Libraries (UI/JS)
  2. Amplify CLI (to create cloud-native applications)
  3. Amplify Console (ci/cd and hosting for full-stack web apps)
  4. Amplify Admin UI (UI to create and configure full-stack web apps)

You can check the homepage for more clarification - https://docs.amplify.aws/

Is there a lightweight Cognito-only client library for interfacing with the Cognito service, authentication-and-authorization flow?

Behind the scenes, Amplify uses amazon-cognito-identity-js library to interface with Amazon Cognito. You can install that directly via npm install amazon-cognito-identity-js.

The source code has been moved to the Amplify Libraries (e.g. amplify-js) repository. Once again, is part of the "Amplify" umbrella under the first category "Amplify Libraries".

Is there a way to use Cognito service without Amplify libraries?

Another approach that you can do, is to use Amazon Cognito as an OAuth server. When you create an Amazon Cognito Hosted UI Domain, it provides you an OAuth 2.0 compliant authorization server.

You can create your own API/Backend for Signup/Login endpoints and exchange tokens/credentials with the Amazon Cognito OAuth server without using aws-sdk or any 3rd party dependency library.

I wrote a walkthrough example, how to configure your User Pool, endpoints that you need to talk to using Node.js, you can find it here: https://github.com/oieduardorabelo/node-amazon-cognito-oauth

You can follow the same idea for any other language.