Skip to content

User Login with AWS Cognito

Estimated time to read: 3 minutes

In this guide, you will learn how a Vanilla HTML/CSS/JS app integrated with the Arcana Auth SDK can easily onboard users via custom login UI and AWS Cognito as the authentication provider.

Prerequisites

Steps

Using AWS Cognito to onboard users in a Web3 app that is integrated with the Arcana Auth SDK is simple!

Just a single line of code!

Call loginWithSocial function

Make sure that all the prerequisites listed above are met. The app should be successfully registered, configured, and integrated with the Arcana Auth SDK, before adding code to onboard users via AWS Cognito.

await auth.loginWithSocial('aws')

Check if a user is logged in:

const connected = await auth.isLoggedIn()

After onboarding users, developers can add code to access the other Arcana Auth SDK functions in the app. See Arcana Auth SDK Usage Guide for details.

Add code in the application to log out an authenticated user:

await auth.logout()

That is all!

Your app is all set for authenticating users via AWS Cognito. Authenticated users can instantly access the Arcana wallet to sign blockchain transactions.

Apps using IAM Providers

Apps usually use Arcana Auth SDK for user onboarding and blockchain transaction signing. Authentication providers must be set up in the Arcana Developer Dashboard before integrating with the SDK.

Some apps might use third-party IAM providers like AWS Cognito for authentication but still use Arcana Auth SDK to access Arcana wallet. The setup is different since third-party IAM providers support authentication verifiers like Google directly.

Developers only need to set up the IAM provider in the Arcana Developer Dashboard. They don't need to configure authentication verifiers that work directly with the IAM providers. Use the IAM provider's console, like Cognito Developer Console, to set up authentication verifiers like Google, not the Arcana Developer Dashboard.

No Aggregate Login with Cognito

The aggregate login feature does not work for the third-party IAM providers such as Cognito.

If a user has the same email ID registered with say a social login provider and with Cognito, logging into an app using Cognito will create a new unique user account even if the user uses the same email as the one used with a social login provider or via the passwordless option. What this means is that the wallet address for the same user will be different when Cognito is used to log in and subsequently a social login provider or passwordless login is used by the same user having the same email ID.

Arcana JWT Token

Upon successful authentication, Arcana Auth SDK returns a unique JWT token to the app called the Arcana JWT Token. App developers can access this token via getUser() method and refer to the loginToken field of the UserInfo object.

Developers can use this token to verify the user and subsequently generate another token for app use if required.

In the future, the Arcana JWT Token will be deprecated. Use userDIDToken to verify user.

Upon successful authentication, Arcana Auth SDK returns a unique DID token to the app called the Arcana DID Token. App developers can access this token via getUser() method and refer to the userDIDToken field of the UserInfo object.

Developers can use this token to verify the user and subsequently generate another token for app use.

What's Next?

Authenticated users can instantly access the in-app Arcana wallet UI for signing blockchain transactions. Use the AuthProvider EIP-1193 standard Ethereum provider to call JSON/RPC functions and Web3 wallet operations in the app. Learn more...

See also

Last update: March 29, 2024 by shaloo, shaloo