Amazon Cognito is a service that provides authentication, authorization, and user management for your web and mobile games. Players can sign up and sign in directly with a username and password, or through third-party identity providers like Facebook, Amazon, or Google. There are two main components of Amazon Cognito:
A user pool is a user directory that provides sign-up and sign-in options for your app users. Users in a user pool have an associated directory profile.
An identity pool enables you to grant players temporary AWS credentials to access AWS services. Identity pools support anonymous guest users.
For this workshop, you will practice creating a user pool to authenticate players and integrate it into your Unity game.
Sign in to the AWS Management Console and, on the Services menu, click Cognito or click this quick link.
Manage User Pools.
Create a user pool.
Add a name for your user pool. For this example, AWSUserPool will be used as the name.
Step through settings to get a better understanding of the customizations and features Cognito offers.
attributes page where you can begin to customize your user pool.
You can define how you want your users to sign in. For now, leave it as default, which allows your users to sign in with a username and password. Optionally, you can allow your users to sign in with an email or phone number as well.
There are also different attributes that you can require during the sign-up process. These are fields that are required when signing up for a user account. Leave the default email attribute selected. You can also add custom attributes.
Review the other customizations you can make on this page, leave them as default, and select
This page shows other features you can enable, like Multi-Factor Authentication, which adds an extra layer of security when your users sign in. You also have to provide a role to allow Amazon Cognito to send SMS messages to users on your behalf. This is called an IAM role. IAM is our Identity and Access Management service, which helps define access and management permissions for your AWS users and resources.
Verification type from Code to Link.
This will allow your users to verify their email in a convenient way by clicking a link during the sign-up process.
Add tag and enter the following configurations:
Tag Key: Name
Tag Value: Cognito User Pool for AWS Serverless Unity Game
You can add tags to your AWS resources, which will help you identify them easily, keep your resources organized, and better understand billing costs.
Under “Do you want to remember your user’s devices?” leave the default
“No” selected for now, and click
This is a feature that helps enable device tracking and remembering. It can provide insight into the usage of your app’s users and reduce the friction associated with Multi-Factor Authentication.
On this page, select
Add an app client and configure:
App client name: AppClient
Unselect Generate client secret
Unselect Enable lambda trigger based custom authentication
Select Enable username password based authentication
Create app client. Your configurations should look like the following:
Within Cognito, an app is an entity within a user pool that has permission to call unauthenticated APIs, such as APIs to register, sign in, and handle forgotten passwords. This does not require an authenticated user. To call these APIs, an app client ID is necessary.
On this page you can create customized workflows using AWS Lambda functions to create triggers. For example, you can define authentication challenges, like completing a CAPTCHA.
Accept the defaults and click
Review your configurations for your Cognito user pool. Click
Now, you will be at a page where you can view and edit the general settings of the user pool you just created. On the left-hand navigation panel under
App Integration, select
Add a unique prefix to your Amazon Cognito domain to be able to use the user pool within your mobile game.
Check availability to make sure your domain name is unique.
There is some information you will need to reference later when you are adding Cognito functionality to your Unity game. On the left-hand navigation panel, click
At the top of the page, you will see your Pool Id. Save this in a notepad for later.
On the left-hand navigation panel under App integration, select App client settings. You will see your App client ID. Save this in a notepad for later as well.
Congratulations! You have created your Amazon Cognito user pool successfully.
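To confirm that the finished user pool and app client match the settings chosen in the steps above, you can check them from the API side. The following is an added example, not part of the original workshop or AWS code. It assumes you have the JSON returned by the AWS CLI commands aws cognito-idp describe-user-pool and aws cognito-idp describe-user-pool-client; the function name audit, the sample IDs, and the domain prefix are constructed for illustration.

```python
import json

# Constructed sample responses in the shape returned by
# `aws cognito-idp describe-user-pool` and `describe-user-pool-client`.
# All IDs and the domain prefix are placeholders, not real resources.
SAMPLE_POOL = json.loads("""{"UserPool": {
  "Id": "us-east-1_EXAMPLE", "Name": "AWSUserPool",
  "AutoVerifiedAttributes": ["email"],
  "VerificationMessageTemplate": {"DefaultEmailOption": "CONFIRM_WITH_LINK"},
  "UserPoolTags": {"Name": "Cognito User Pool for AWS Serverless Unity Game"},
  "Domain": "example-game-prefix"}}""")
SAMPLE_CLIENT = json.loads("""{"UserPoolClient": {
  "UserPoolId": "us-east-1_EXAMPLE", "ClientId": "exampleclientid",
  "ClientName": "AppClient",
  "ExplicitAuthFlows": ["ALLOW_USER_PASSWORD_AUTH", "ALLOW_REFRESH_TOKEN_AUTH"]}}""")


def audit(pool_resp, client_resp):
    """Return a list of findings; an empty list means the settings match."""
    pool = pool_resp["UserPool"]
    client = client_resp["UserPoolClient"]
    flows = set(client.get("ExplicitAuthFlows", []))
    findings = []
    if client.get("UserPoolId") != pool.get("Id"):
        findings.append("app client belongs to a different user pool")
    # "Generate client secret" was unselected, so no ClientSecret should exist.
    if "ClientSecret" in client:
        findings.append("app client has a client secret")
    # "Enable username password based authentication" was selected.
    if "ALLOW_USER_PASSWORD_AUTH" not in flows:
        findings.append("username password based authentication is not enabled")
    # "Enable lambda trigger based custom authentication" was unselected.
    if "ALLOW_CUSTOM_AUTH" in flows:
        findings.append("lambda trigger based custom authentication is enabled")
    template = pool.get("VerificationMessageTemplate", {})
    if template.get("DefaultEmailOption") != "CONFIRM_WITH_LINK":
        findings.append("verification type is not Link")
    if "Name" not in pool.get("UserPoolTags", {}):
        findings.append("Name tag is missing")
    if not pool.get("Domain"):
        findings.append("no Amazon Cognito domain prefix is set")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE_POOL, SAMPLE_CLIENT) or ["settings match"]:
        print(line)
```

Replace the two sample dictionaries with your own saved command output, using the Pool Id and App client ID you noted above.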