Provides both Authentication vs Authorization and user management for web and mobile apps.
Terrible naming.
USER POOLS- Sign-in and get JSON Web Token - (JWT), but most AWS services can’t use JWT.IDENTITY POOLS- Exchanges external identity for a set of temporary AWS Credentials for AWS Resources access. They assume IAM Role- Unauthenticated users – Guests Users.
- Federated Identity - swap identity from Google, Facebook, Twitter, SAML 2.0 & User Pool for short term AWS Credentials..
- Each external token type needs its configuration.
/Attachments/Screenshot-2023-02-15-at-01.51.49.png)
/Attachments/Pasted-image-20230215014834.png)
NOTE
When one type of token is replaced with the other, i.e. linking attributes across different providers under one entity is called Federated identity - Wikipedia
Can operate together, combined.
/Attachments/Pasted-image-20230215015507.png)