Cognito Flashcards

1
Q

Cognito

What do you give and get from a User Pool?

A

Give creds, get JSON web token

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Cognito

How does a User Pool get access to AWS for users?

A

It doesn’t. Yea, strange. It only gives JWTs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Cognito

Where do identities come from for User Pools?

A

Internal database or federated identity providers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Cognito

What identity providers can you link to a User Pool?

A

Facebook, Google, Amazon, Apple, SAML, Open ID Connect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Cognito

What do you give and get from an Identity Pool?

A

Give external assertion, get temp AWS creds

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Cognito

What are examples of sources of identities for an IdP?

A

Facebook, Google, Amazon, Apple, Tritter, SAML, Cognito User Pool JWT!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Cognito

What do you do with a JWT from a User Pool?

A

Use it in your on-prem systems, exchage for creds with Identity Pool, or use with API Gateway.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Cognito

How do you use Cognito IdP to support Google and Facebook login?

A

Can’t. Each IdP is a single provider. Create two pools, and handle two types of logins.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Cognito

How to you architect around many external providers of identity (Google+Facebook)?

A

Cognito User Pool for all providers, get single JWT, IdP with only User Pool as identity provider.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Cognito

What roles are set up in a Cognito IdP?

A

Authenticated and Unauthenticated (guest access) IAM Roles.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Cognito

If I can use Google (for example) with both User Pool and IdP, why have both?

A

User Pools are about redirecting users to the right place, IdPs start with the external token already acquired.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Cognito

Can you do MFA with Cognito users?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Cognito

How does Cognito save you (a dev) development time?

A

Customizable web UI to sign-up and manage your user account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Cognito

What type of auth does a Cognito user UI provide?

A

OAuth 2.0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Cognito

How do you customize what happens inside Cognito?

A

Link your custom AWS Lambda functions to trigger on Cognito events

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Cognito

What does Cognito do with tokens returns from IdPs?

A

Normalizes them into a Cognito User Pool Token (CUP Token)

17
Q

Cognito

Why convert to CUP?

A

Each IdP has different formats for their tokens. Normalize them.

18
Q

Cognito

What can you do with a CUP token?

A

Send it to an Identity Pool to get AWS creds, config API GW to use them directly.