Integrating Google for Federated Authentication in AWS Cognito for Mobile App Users

Authenticate and Authorize Mobile App Users with AWS Cognito and Google


Question

A mobile app developer has just built an app for both iOS and Android with a feature that counts steps.

He has used AWS Cognito to authorize users for access to an AWS DynamoDB table.

The app uses the DynamoDB table to store user subscriber data and the number of steps.

Now the developer also needs Cognito to integrate with Google to provide federated authentication for the mobile application users, so that users do not need to remember an extra login. What should the developer do to authenticate and authorize the users with suitable permissions for the iOS and Android app? (Select TWO.)

Answers

Explanations


A. B. C. D. E.

Correct Answer - A and C.

One common use case for Amazon Cognito is to access AWS Services with an Identity Pool.

The identity pool itself can include:

Users in an Amazon Cognito identity pool.

Users who authenticate with external identity providers such as Facebook, Google, or a SAML-based identity provider.

Users authenticated via your own existing authentication process.

Option A is CORRECT because an identity pool can be used to set up federated identities through third-party identity providers such as Google.

Option B is incorrect because Google federated identities work for both Android and iOS.

Refer to https://docs.aws.amazon.com/cognito/latest/developerguide/google.html for the details.

Option C is CORRECT because the user pool is where the federated identity would be set up and the identity pool is where permissions would be granted.

Please also check https://aws.amazon.com/premiumsupport/knowledge-center/cognito-user-pools-identity-pools/ for the differences between user pools and identity pools.

User pools are for authentication (identity verification), while identity pools are for authorization (access control).

Option D is incorrect: Same reason as Option B.

To integrate Google authentication into the mobile app for users, the mobile app developer should use Amazon Cognito User Pools or Identity Pools. Both of these services support user authentication through federated identity providers, including Google.

Answer A is correct. Amazon Cognito Identity pools (federated identities) support user authorization through federated identity providers, including Amazon, Facebook, Google, and SAML identity providers. The developer just needs to set up the federated identities for Google access. This will allow the user to log in using their Google credentials, without needing to remember any additional login information. The developer can also set up the necessary permissions for users to access the DynamoDB table.

Answer C is also correct. Amazon Cognito User pools support user authentication through federated identity providers, including Amazon, Facebook, Google, and SAML identity providers. The developer just needs to set up the federated identities for Google access in the Cognito User Pool. The user can log in using their Google credentials, and the developer can set up the necessary permissions for users to access the DynamoDB table.

Answers B and D are incorrect. Both Android and iOS support federated identities through Amazon Cognito. Google access can be configured for Cognito identity pools with a Google Client ID for both Android and iOS.

Answer E is incorrect. Google federated access works for both Android and iOS mobile applications with Amazon Cognito.
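The split described above (user pool for authentication, identity pool for authorization) shows up in the `Logins` map an app sends when it exchanges a token for temporary AWS credentials. The following is an added example, not part of the original question or of AWS sample code; the function names, pool IDs and region are assumptions, and boto3 is only needed for the final exchange.

```python
GOOGLE_PROVIDER = "accounts.google.com"  # Logins key when Google is federated directly


def user_pool_provider(region: str, user_pool_id: str) -> str:
    """Logins key for ID tokens issued by a Cognito user pool."""
    return f"cognito-idp.{region}.amazonaws.com/{user_pool_id}"


def build_logins(id_token: str, *, region: str = "", user_pool_id: str = "") -> dict:
    """Map the provider name to the ID token the app holds.

    Identity-pool path: the token is Google's own ID token.
    User-pool path: the token is the user pool ID token issued after Google sign-in.
    """
    if not id_token:
        raise ValueError("an ID token is required for authenticated access")
    if bool(region) != bool(user_pool_id):
        raise ValueError("region and user_pool_id must be given together")
    if user_pool_id and not user_pool_id.startswith(region + "_"):
        # User pool IDs are prefixed with their region, e.g. us-east-1_XXXXXXXXX.
        raise ValueError("user_pool_id does not belong to the given region")
    provider = user_pool_provider(region, user_pool_id) if user_pool_id else GOOGLE_PROVIDER
    return {provider: id_token}


def get_aws_credentials(identity_pool_id: str, logins: dict, region: str) -> dict:
    """Exchange the token for temporary credentials limited by the pool's IAM role."""
    import boto3  # imported here so the helpers above work without the SDK
    from botocore import UNSIGNED
    from botocore.config import Config

    # These two calls are made without the caller holding any AWS credentials.
    client = boto3.client("cognito-identity", region_name=region,
                          config=Config(signature_version=UNSIGNED))
    identity_id = client.get_id(IdentityPoolId=identity_pool_id, Logins=logins)["IdentityId"]
    resp = client.get_credentials_for_identity(IdentityId=identity_id, Logins=logins)
    return resp["Credentials"]  # AccessKeyId, SecretKey, SessionToken, Expiration
```

The IAM role attached to the identity pool's authenticated identities is what limits the returned credentials to the DynamoDB table.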