How to use aws cognito to share session across apps for seamless user experience on device?

Question

Once user is logged-in to any app he should not be asked for credentials for any other app. Sharing a single access-token stored in local storage seems a default but somehow bad idea. In case of Google apps on Android/web it surely does not use this solution, how do they do session sharing across apps implicitly?.

I am using AWS Cognito, it provides a User Pool in which I can have multiple apps registered to use the pool. Is there a way to get access token for a user request (without credentials like password) coming from a different app since the user is already logged in to pool via previous app login-request?

+1 same problem here... 2 websites with different technologies (react.js and webforms) I need to share the user when I redirect him from one app to another like Jira and Confluence do — Joan Vilariño, Dec 19 '18 at 15:32
Hey did you find any solution to this. I want to use the same session in between my react app and wordpress application. — Aman Gupta, Apr 11 '19 at 06:06
Ideally, it should be done with secure cookies (which are handled by the browser, not by localStorage/js) and set the cookie domain suffix that must be the same in frontend and backend due CORS and privacy concerns. — Washington Guedes, Jul 15 '21 at 20:47
Hey did you ever solve this? also wanting to do something similar — Julien S., May 02 '22 at 18:15
Curious if anyone has found a solution to this? I'm running into the same problem. — Casey Davidson, Apr 21 '23 at 19:26

score 2 · Answer 1 · answered Jul 17 '21 at 14:09

2

We‘re also trying to create a SSO experience for our customers across all our apps so that they only have to login once and get access to all apps.

AWS has a repo for that and it also might be interesting for you: https://github.com/awslabs/aws-amplify-identity-broker

Currently, we‘re making a POC if it works out, but basically you need to proxify the cognito API‘s with your custom OIDC compliant endpoints.

answered Jul 17 '21 at 14:09

lucbas

847
1
9
16

Did it work? Let me know, I have similar use-case – Vikas Saini Sep 28 '22 at 10:31
1

any update on this? i'm also trying to do something very similar – Nivethan Oct 18 '22 at 07:34
@Nivethan it worked within the POC, but we decided to use the simpler variant of just AWS amplify and regular Cognito – lucbas Oct 24 '22 at 20:21
@lucbas why? any issue with the broker? and how did you managed to do with just AWS amplify and cognito bcz i tried a lot to do that but i couldn't do it! – Nivethan Oct 26 '22 at 02:45

How to use aws cognito to share session across apps for seamless user experience on device?

1 Answers1