AWS Cognito:Cognito 用户池的元数据 URL 在哪里?
AWS Coginto: where is the metadata URL of Cognito User Pool?
我正在尝试使用 AWS Cognito 作为我在 AWS API 网关中的 REST API 的授权方。
它让我填写 Issuer URL
:
我翻遍了 AWS Cognito 用户池页面,没有这样的东西。
我在这里找到了一个相关的答案:
我引用:
Issuer URL: Check the metadata URL of your Cognito User Pool
(construct the URL in this format :: https://cognito-idp.
[region].amazonaws.com/[userPoolId]/.well-known/openid-configuration
:: look for a claim named "issuer". Copy its Value and paste it here.
我当然可以像上面说的那样构建url。
但是,metadata URL of my Cognito User Pool
在哪里????
我是不是错过了一些非常基本的东西,问这个问题是不是太傻了?
在哪里??
这让我发疯。
Cognito 用户池的颁发者 URL 具有以下格式:
https://cognito-idp.[region].amazonaws.com/[userPoolId]
如您所述,您可以从 Cognito 著名的元数据端点获取它,该端点位于
https://cognito-idp.[region].amazonaws.com/[userPoolId]/.well-known/openid-configuration
这个文件是JSON格式的,包含一个issuer
字段,其中包含上面提到的URL。整个文件如下所示:
{
"authorization_endpoint":"https://cognito-idp.[region].amazonaws.com/[userPoolId]/authorize",
"id_token_signing_alg_values_supported":[
"RS256"
],
"issuer":"https://cognito-idp.[region].amazonaws.com/[userPoolId]",
"jwks_uri":"https://cognito-idp.[region].amazonaws.com/[userPoolId]/.well-known/jwks.json",
"response_types_supported":[
"code",
"token"
],
"scopes_supported":[
"openid",
"email",
"phone",
"profile"
],
"subject_types_supported":[
"public"
],
"token_endpoint":"https://cognito-idp.[region].amazonaws.com/[userPoolId]/token",
"token_endpoint_auth_methods_supported":[
"client_secret_basic",
"client_secret_post"
],
"userinfo_endpoint":"https://cognito-idp.[region].amazonaws.com/[userPoolId]/userInfo"
}
我正在尝试使用 AWS Cognito 作为我在 AWS API 网关中的 REST API 的授权方。
它让我填写 Issuer URL
:
我翻遍了 AWS Cognito 用户池页面,没有这样的东西。
我在这里找到了一个相关的答案:
Issuer URL: Check the metadata URL of your Cognito User Pool
(construct the URL in this format :: https://cognito-idp.
[region].amazonaws.com/[userPoolId]/.well-known/openid-configuration
:: look for a claim named "issuer". Copy its Value and paste it here.
我当然可以像上面说的那样构建url。
但是,metadata URL of my Cognito User Pool
在哪里????
我是不是错过了一些非常基本的东西,问这个问题是不是太傻了?
在哪里??
这让我发疯。
Cognito 用户池的颁发者 URL 具有以下格式:
https://cognito-idp.[region].amazonaws.com/[userPoolId]
如您所述,您可以从 Cognito 著名的元数据端点获取它,该端点位于
https://cognito-idp.[region].amazonaws.com/[userPoolId]/.well-known/openid-configuration
这个文件是JSON格式的,包含一个issuer
字段,其中包含上面提到的URL。整个文件如下所示:
{
"authorization_endpoint":"https://cognito-idp.[region].amazonaws.com/[userPoolId]/authorize",
"id_token_signing_alg_values_supported":[
"RS256"
],
"issuer":"https://cognito-idp.[region].amazonaws.com/[userPoolId]",
"jwks_uri":"https://cognito-idp.[region].amazonaws.com/[userPoolId]/.well-known/jwks.json",
"response_types_supported":[
"code",
"token"
],
"scopes_supported":[
"openid",
"email",
"phone",
"profile"
],
"subject_types_supported":[
"public"
],
"token_endpoint":"https://cognito-idp.[region].amazonaws.com/[userPoolId]/token",
"token_endpoint_auth_methods_supported":[
"client_secret_basic",
"client_secret_post"
],
"userinfo_endpoint":"https://cognito-idp.[region].amazonaws.com/[userPoolId]/userInfo"
}