Lab 2.1: Cognito User Pool
Skills covered: 2.1.1, 2.1.2, 2.1.7
Objectives
- Create a Cognito User Pool and an App Client
- Sign-up, sign-in, verify JWT tokens
Step 1: Create the User Pool
- Sign-in: Email, Password policy: Min 8 chars, MFA: Optional
Step 2: App Client
- No client secret (public apps), OAuth: Authorization code grant, Hosted UI
Step 3: Sign-up & Sign-in
- Hosted UI → Sign up → Verify email → Sign in
- Receive tokens (ID, Access, Refresh)
- Decode the JWT at jwt.io → inspect claims
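
The decode-and-inspect step above can also be done locally. This is an added example, not part of the lab material. It decodes a token and checks the Cognito-specific claims (iss, token_use, aud/client_id, exp). It does not verify the signature against the user pool's JWKS, and the region, pool ID, client ID and sample token are constructed placeholders.

```python
import base64, json, time

def b64url_json(segment):
    """Decode one base64url JWT segment (JWTs strip the '=' padding)."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def decode_jwt(token):
    """Return (header, claims) WITHOUT verifying the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("a compact JWS token has exactly three segments")
    return b64url_json(parts[0]), b64url_json(parts[1])

def check_cognito_claims(claims, region, user_pool_id, client_id, expected_use, now=None):
    """Return a list of problems; an empty list means the claims match."""
    now = time.time() if now is None else now
    problems = []
    issuer = f"https://cognito-idp.{region}.amazonaws.com/{user_pool_id}"
    if claims.get("iss") != issuer:
        problems.append("iss does not match this user pool")
    if claims.get("token_use") != expected_use:
        problems.append(f"token_use is not '{expected_use}'")
    # ID tokens carry the app client in 'aud'; access tokens in 'client_id'.
    client_claim = "aud" if expected_use == "id" else "client_id"
    if claims.get(client_claim) != client_id:
        problems.append(f"{client_claim} does not match the app client")
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        problems.append("token is expired or has no exp")
    return problems

def make_sample_token(claims):
    """Constructed sample only: fake signature, not a real Cognito token."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "kid": "sample-kid"}), enc(claims), "c2ln"])

SAMPLE_CLAIMS = {  # constructed values, not from a real user pool
    "iss": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE",
    "token_use": "access", "client_id": "exampleclientid", "exp": 2000000000,
    "sub": "00000000-0000-0000-0000-000000000000",
}

if __name__ == "__main__":
    header, claims = decode_jwt(make_sample_token(SAMPLE_CLAIMS))
    print(json.dumps(header), json.dumps(claims, indent=2))
    print(check_cognito_claims(claims, "us-east-1", "us-east-1_EXAMPLE",
                               "exampleclientid", "access"))
```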
Step 4: API Gateway + Cognito Authorizer
- Authorizers → Create Cognito authorizer
- Request without token → 401
- Request with valid token → 200
Knowledge check