Comment by Hari Krishnan Murthy on "How to secure Spring boot REST API endpoints with Amazon Cognito"

CommentHow to secure Spring boot REST API endpoints with Amazon Cognito

Hari Krishnan Murthy

Java / integration developer

Nov 9, 2022

Hi Wilson, Thanks for the very informative article. I followed your blog step by step up until the point where I need to sign up/sign in to generate a token via postman.

The auth URL in your screenshot looks like: <clientid>.auth.<aws-region>/login but when I use my clientId and aws-region, it doesnt work.

Am I missing something?

Also is the auth URL same as domain because my domain looks like: <app-name>.auth.<aws-region>

Wilson KOMLAN

Full stack developer

Nov 9, 2022

Hi Hari,

Glad you read the post. The auth URL is :<< <clientid>.auth.<aws-region>.amazonco… >>, don't forget ".amazoncognito.com" before /login , not << <clientid>.auth.<aws-region>/login >>.

Hope this will help you.

Wilson KOMLAN Hi Wilson, Just to give an update, I used the auth URL in the format you mentioned: << <clientid>.auth.<aws-region>.amazonco… >>

but I still couldn't get it to work. I was able to sign in, was redirected to the callback URI with an auth code on browser but postman kept complaining invalid_client and was never able to fetch a token.

So I created a new app client with a client secret, used that to signin and get an auth code from the /login endpoint.

I then manually called the oauth2/token endpoint in a new tab via postman using this auth code and bunch of other attributes as mentioned in the below guide: medium.com/vedity/aws-cognito-token-generation-fo… and managed to generate the token. I was then able to use the token to call my spring boot API.

So instead of doing it in 1 step, I ended up doing 2 steps but I am mighty pleased that my API is secure with AWS cognito, all thanks to you.

I am now planning to try out your Spring boot API + AWS Fargate guide.

Thanks a lot mate! God bless you!

Search Hashnode