This guide explains how to configure AWS Cognito with Hoop.
Requirements
- Hoop Command Line
- An account in AWS
API_URL is the public DNS name of the hoop gateway instance. Contact the administrator of the hoop gateway instance to retrieve the API_URL address.
1) Create a User Pool
- Go to AWS Management Panel > AWS Cognito > User Pools > Create User Pool
- Select the checkbox User Name and Email and click Next
- In Multi Factor Authentication, change it to No MFA and click Next
- In Required Attributes select name and click Next
- On Message Delivery configure it and click Next
Integrate Your App Section
- Select a name for the user pool, e.g. hoopgateway
- Select the checkbox Use the Cognito Hosted UI
- Configure the Cognito domain
- In Initial App Client, select Public Client and add an App client name
- Select the option Generate Client Secret
- Set the callback URL to {API_URL}/api/callback
- In Advanced app client settings, select the checkbox ALLOW_USER_PASSWORD_AUTH
- Configure the scopes Email, OpenID and Profile
- Leave the remaining options at their defaults, click Next and create the user pool
2) Collect the IDP_CLIENT_ID and IDP_CLIENT_SECRET
- Go to the user pool created
- Select the tab App Integration, then click on hoopauth
- Copy the Client ID and Client Secret
3) Collect the IDP_ISSUER
The URL is composed of the AWS region and the ID of the user pool:
https://cognito-idp.<aws-region>.amazonaws.com/<user-pool-id>
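
The issuer URL from step 3 can be derived from the user pool ID and checked before it is handed to the gateway. This is an added example, not part of Hoop's tooling: the function names and the pool ID us-east-1_AbCdEf123 are constructed, and it assumes pool IDs of the form <aws-region>_<suffix> in the standard amazonaws.com partition.

```shell
#!/bin/sh
# Added example: build and validate IDP_ISSUER for a Cognito user pool.
# Function names are hypothetical helpers, not Hoop or AWS CLI commands.

# cognito_issuer <user-pool-id>: print the issuer URL for a pool ID.
cognito_issuer() {
  pool_id=$1
  # Pool IDs embed the region: <aws-region>_<alphanumeric suffix>
  if ! printf '%s\n' "$pool_id" |
       grep -Eq '^[a-z]{2}(-[a-z]+)+-[0-9]+_[A-Za-z0-9]+$'; then
    echo "invalid user pool id: $pool_id" >&2
    return 1
  fi
  region=${pool_id%%_*}
  printf 'https://cognito-idp.%s.amazonaws.com/%s\n' "$region" "$pool_id"
}

# check_issuer <url>: succeed only if the URL is exactly the issuer for the
# pool ID in its last path segment. Rejects http://, a trailing slash, and a
# host region that differs from the region embedded in the pool ID.
check_issuer() {
  url=$1
  pool_id=${url##*/}
  expected=$(cognito_issuer "$pool_id" 2>/dev/null) || return 1
  [ "$url" = "$expected" ]
}

# discovery_url <issuer>: OIDC discovery document for the issuer.
discovery_url() {
  printf '%s/.well-known/openid-configuration\n' "$1"
}

# Constructed sample pool ID, for illustration only.
IDP_ISSUER=$(cognito_issuer "us-east-1_AbCdEf123")
echo "IDP_ISSUER=$IDP_ISSUER"
echo "discovery: $(discovery_url "$IDP_ISSUER")"
```

Fetching the discovery URL for the real pool should return JSON whose "issuer" field is identical to IDP_ISSUER.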
4) Create a test user to authenticate
Select the created user pool and create a user