Updating documentation with AWS Cognito provider configuration in use…

…rs-permissions doc.
strapi · Oct 3, 2020 · a3b94a7 · a3b94a7
1 parent 1dfd824
commit a3b94a7
Showing 1 changed file with 36 additions and 0 deletions.
diff --git a/docs/v3.x/plugins/users-permissions.md b/docs/v3.x/plugins/users-permissions.md
@@ -317,6 +317,42 @@ Wait a few seconds while the application is created.
 
 :::
 
+::: tab AWS Cognito
+
+#### Using ngrok
+
+AWS Cognito accepts the `localhost` urls. <br>
+The use of `ngrok` is not needed.
+
+#### AWS Cognito configuration
+
+- Visit the AWS Management Console <br> [https://aws.amazon.com/console/](https://aws.amazon.com/console/)
+- If needed, select your **Region** in the top right corner next to the Support dropdown
+- Select the **Services** dropdown in the top left corner
+- Click on **Cognito** in the `Security, Identity & Compliance` section
+- Then click on the **Manage User Pools** button
+- If applicable either create or use an existing user pool. You will find hereafter a tutorial to create a User Pool <br> [https://docs.aws.amazon.com/cognito/latest/developerguide/tutorial-create-user-pool.html](https://docs.aws.amazon.com/cognito/latest/developerguide/tutorial-create-user-pool.html)
+- Go to the **App clients** section in your cognito user pool and create a new client with the name `Strapi Auth` and set all the parameters and then click on **Create app client**
+- You should now have an **App client id** and by clicking on the button **Show Details** you will be able to see the **App client secret**. Do copy those two values **App client id** and **App client secret** somewhere for later use when configuring the AWS Cognito provider in Strapi.
+- Go to the **App integration section** and click on **App client settings**
+- Look for your app client named `Strapi Auth` and enable Cognito User Pool by checking it in the **Enabled Identity Providers** section of your newly created App client
+- Feel in your callback URL and Sign out URL with the value `http://localhost:1337/connect/cognito/callback` or the one provided by your AWS Cognito provider in Strapi
+- In the **Oauth 2.0** section select `Authorization code grant` and `Implicit grant` for the **Allowed OAuth Flows** and select `email`, `openid` and `profile` for the **Allowed OAuth Scopes**
+- You can now click on **Save changes** and a link to the **Launch Hosted UI** will now be visible. You can click on it in order to display the AWS Cognito login page. Copy the URL of that login page (everything between `https` and `/login`). This will be the **Host URI (Subdomain)** value for your strapi configuration
+
+#### Strapi configuration
+
+- Visit the User Permissions provider settings page <br> [http://localhost:1337/admin/plugins/users-permissions/providers](http://localhost:1337/admin/plugins/users-permissions/providers)
+- Click on the **Cognito** provider
+- Fill the information (replace with your own client ID and secret):
+  - **Enable**: `ON`
+  - **Client ID**: fill in the **App client id** (`5bd7a786qdupjmi0b3s10vegdt`)
+  - **Client Secret**: fill in the **App client secret** (`19c5c78dsfsdfssfsdfhpdb4nkpb145vesdfdsfsffgh7vwd6g45jlipbpb`)
+  - **Host URI (Subdomain)**: fill in the URL value that you copied earlier (`myapp67b50345-67b50b17-local.auth.eu-central-1.amazoncognito.com`)
+  - **The redirect URL to your front-end app**: `http://localhost:3000/connect/cognito/redirect`
+
+:::
+
 ::: tab Twitter
 
 #### Using ngrok