In this tutorial, we will cover how to create Lambda functions for custom authentication flows. This is useful if you want to:
The approach we will follow with these Lambda functions assume that this is a first-time login in a signup flow or that you have a custom flow that authenticates the user. If you don’t have any scenarios yet, have a look at our templates.
Go to your Lambda console, where we will create 3 Lambda functions:
Create the first function, name it “defineCustomAuthChallenge” and add the following code:
Create the second function, name it “createCustomAuthChallenge” and add the following code:
Create the third function, name it “verifyCustomAuthChallenge” and add the following code:
As we are using JSON Web Tokens (JWT) to communicate with Amazon Cognito, we need to create a secret key to sign the JWT. Go to Configuration -> Environment variables -> Edit and add a variable with Key “JWT_SECRET_KEY” and a long random string as Value.
Add a Lambda trigger under your User pool properties
Click on Add Lambda trigger
Create 2 additional Lambda triggers with the 2 remaining Lambdas functions:
Once your Lambda triggers are created, you login users by generating custom JWTs in your backend with the following information:
And using the Amplify SDK with the following methods:
In Arengu, and if you've started from a template, you will only need to add the secret to the "Sign JSON web token" action:
And configure the Ending screen settings, that will automatically use the Amplify SDK if it's configured in your site: