Lucia logo

Lucia

Amazon Cognito OAuth provider

OAuth integration for Amazon Cognito’s hosted UI. Refer to the Cognito docs:

Provider id is cognito.

import { cognito } from "@lucia-auth/oauth/providers";
import { auth } from "./lucia.js";

const cognitoAuth = cognito(auth, configs);

cognito()#

const cognito: (
	auth: Auth,
	config: {
		clientId: string;
		clientSecret: string;
		redirectUri: string;
		scope?: string[];
		userPoolDomain: string;
	}
) => CognitoProvider;
Parameters#
nametypedescriptionoptional
authAuthLucia instance
config.clientIdstringCognito app client id
config.clientSecretstringCognito app client secret
config.redirectUristringan authorized redirect URI
config.scopestring[]an array of scopes - openid is always included
config.userPoolDomainstringAmazon Cognito’s user pool domain
Returns#
typedescription
CognitoProviderCognito provider

Interfaces#

CognitoAuth#

See OAuth2ProviderAuth.

// implements OAuth2ProviderAuth<CognitoAuth<_Auth>>
interface CognitoAuth<_Auth extends Auth> {
	getAuthorizationUrl: () => Promise<readonly [url: URL, state: string]>;
	validateCallback: (code: string) => Promise<CognitoAuth<_Auth>>;
}
type
CognitoUserAuth
Generics#
nameextendsdefault
_AuthAuthAuth

CognitoTokens#

type CognitoTokens = {
	accessToken: string;
	refreshToken: string;
	idToken: string;
	accessTokenExpiresIn: number;
	tokenType: string;
};

CognitoUser#

type CognitoUser = {
	sub: string;
	"cognito:username": string;
	"cognito:groups": string[];
	address?: {
		formatted?: string;
	};
	birthdate?: string;
	email?: string;
	email_verified?: boolean;
	family_name?: string;
	gender?: string;
	given_name?: string;
	locale?: string;
	middle_name?: string;
	name?: string;
	nickname?: string;
	phone_number?: string;
	phone_number_verified?: boolean;
	picture?: string;
	preferred_username?: string;
	profile?: string;
	website?: string;
	zoneinfo?: string;
	updated_at?: number;
};

CognitoUserAuth#

Extends ProviderUserAuth.

interface CognitoUserAuth<_Auth extends Auth> extends ProviderUserAuth<_Auth> {
	cognitoUser: CognitoUser;
	cognitoTokens: CognitoTokens;
}
propertiestypedescription
cognitoUserCognitoUserCognito user
cognitoTokensCognitoTokensAccess tokens etc
Generics#
nameextends
_AuthAuth