Cognito User Poll - Add User via API Gateway

Serverless Framework
, ,
1

Hello Guys.

I am trying create user in Cognito User Pool… I was able to handle user authorisation using this article https://www.serverless.com/blog/serverless-auth-with-aws-http-apis but I was not able to create user using an API Gateway / Lambda endpoint.

Do you have any reference how I should create a lambda function to be able to create a new users instead of using Host UI interface?

My objetive is use Cognito User Pool as my primary database for user authentication.

Thanks in advanced.
Daniel

2

Which programming language are you using? And what are you using to build your front end website?

Cognito has a lot of flexibility so it would be difficult to answer this. AWS Amplify might be a good solution for you here. It allows you to host your own UI, but does a lot of the work for you.

3

Hello,

I am using NodeJS and so far I am not thinking about front end because I will create several API / microservices before start building the front end …

Yes, I can use amplify but I’d like create user pool management using serverless …

Any recommendation?

Thanks for your reply

4

You need to use the AWS sdk package and then use the functions listed in this page: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminGetUser.html

The functions that start with ‘admin’ can handle creating cognito users etc.

You will need to make sure that your app has the correct AWS permissions to do these tasks.

1 Like
5

Thanks a lot… I will read it and implement as defined in this document.

Another question, based on your experience, what is a good / best way to do user authentication? Is it using cognito user poll or implement a DynamoDB table with users credentials ?

Thanks in advanced.

6

Cognito is difficult to learn but i think it’s worth it. There are many things to think about with auth:

  • unique usernames
  • password strength / complexity
  • account validation email / sms
  • account lockout after a number of failed attempts
  • password reset
  • multi factor auth

It would be REALLY difficult to to recreate all of this, and then you have to be responsible for making sure that it’s really secure. I prefer AWS to do that for me!

And they give you 50,000 monthly active users for free, which is also great.

Serverless Framework also works well with auth0 which seems more popular than cognito. but I haven’t used this myself. Might be worth checking out if you don’t like Cognito.

1 Like
7

Have worked with both, auth0 is definitely more mature, but if you want to remain only inside aws, cognito will do

1 Like