Enable Social Login AWS Cognito: Add Google Login
The series also contains:
This feature provided by AWS Cognito allows you to implement 3-rd party sign-in with minimum steps and no code.
Step 1: You need Cognito User Pool and A Facebook account (Obviously)
Mark down the url you created in the Cognito User Pool, and here is: https://demosociallogin.auth.us-east-1.amazoncognito.com which is called user-pool-domain
Step 2: Create A project (or with your already created app) and configure OAuth
Go to the Google Developers Console (actually, now it has been merge to gcp console) and create a new project.
Give the project a name and click “CREATE”
Now, navigate to “OAuth consent screen” under “APIs and services” with the menu on the left side, create a new one.
Enter required informations. For “Authorised domains”, edit or add a new domain of “amazoncognito.com”. And then “SAVE AND CONTINUE”
Add scopes (e.g., openid, …/auth/userinfo.email) as needed on the following page, click “SAVE AND CONTINUE” all the way to Summary (Step 4). Then “back to dashboard”.
Step 3: Get OAuth 2.0 client credentials for later use.
Create a new “OAuth client ID” on the “Credentials” page.
Select “Web application” as Application type and add https://<user-pool-domain> (which is https://demosociallogin.auth.us-east-1.amazoncognito.com in this tutorial) to “Authorised JavaScript origins”. Add https://<user-pool-domain>/oauth2/idpresponse to “Authorised redirect URIs”. Then “CREATE”.
On the following page, not down your “Client ID” and “Client secret” which will be needed for the following step. Or you can always retrieve them by click into the Client you just created.
Step 3: Configure “Sign-in with Google” in Cognito console
Go to the Amazon Cognito Console and choose the user pool you which need to be configured.
Navigate to the “Sign-in experience” tab and click “Add identity provider” under “Federated identity provider sign-in”.
Choose “Google”. Fill in the details “Client ID” and “Client secret” you noted earlier on Google Cloud console. And add “profile email openid” into “Authorize scope”. Click “Add identity pool”.
Edit attribute mapping for Google.
Now, go to the “App client”, “Edit Hosted UI” and make sure “Facebook” is enabled as an Identity Provider.
Save change. And you can see “Continue with Google” has been activated in your hosted UI.
Congratulations! You have now add Facebook login to your app.
Try demosociallogin.victorhzhao.com for the demo of this tutorial.
If you found this article helpful, please do not hesitate in sharing it and follow me. Claps and commands are also welcomed! Thank you for reading it.
