Skip to content

A Cognito CLI that aims to help with user management during development.

License

Notifications You must be signed in to change notification settings

sungly/cognito-cli

Folders and files

NameName
Last commit message
Last commit date

Latest commit

8917e94 · Jan 8, 2021

History

46 Commits
May 18, 2020
May 1, 2020
Mar 28, 2020
Jan 8, 2021
Mar 28, 2020
May 4, 2020
Mar 28, 2020
Mar 28, 2020
Jan 8, 2021
May 2, 2020
Jan 8, 2021
May 1, 2020
Jan 8, 2021
Jan 8, 2021
May 1, 2020

Repository files navigation

cognito-cli

CLI for Cognito user life cycle management and basic user authentication to retrieve JWTs (access token, id token and refresh token).

cognito-cli is a wrapper around aws-sdk and is intended to make user management easier instead of having to write a script for one time user management during local development.

Requirements

  • AWS credentials

    When interacting with Amazon Cognito, it is a requirement to have aws credentials. There are a few methods available to you for getting these credentials. Read here.

    Once you have obtained aws access id and aws access secret, save them to ~/.aws/credentials:

    [default]
    aws_access_key_id=
    aws_secret_access_key=
    
  • Enable USER_PASSWORD_AUTH on the app client

    General > App client > show details > Enable username password based authentication (ALLOW_USER_PASSWORD_AUTH)

Install

Install globally in order to call cognito-cli from anywhere:

npm install -g @sungly/cognito-cli

Add the following to ~/.cognito/config:

user_pool_id=
client_id=
client_secret=
region=ca-central-1
requiredAttributeList=["email", "given_name", "family_name"]

The requiredAttributeList is used for user registration. Make sure to include attributes that are required for your user pool.

Usage

cognito-cli <command>

Available Commands:
init                        # initializing the CLI

login                       # retrieve access, id and refresh token via USER_PASSWORD_AUTH against a specified user pool in the config.

srp-login                   # retrieve acesss, id and refresh token via SRP authentication.

create-user                 # create a user profile using the `requiredAttributeList`

confirm-user                # confirm user registration with a confirmation code

resend-confirmation-user    # resend the confirmation code

forgot-password             # trigger the forgot password flow

### admin calls - Note these calls require additional IAM privileges

set-user-password           # set user with a new password

get-user-profile            # get the user profile from cognito

verify-user-email           # verify user email in order to get emails

disable-user                # disable user from logging in

enable-user                 # allow user to login

batch-delete-users          # delete all users from a user pool

Other commands
decode-token                # decode JSON web tokens

cognito-cli version         # get the cli version

cognito-cli help            # get help instruction

License

MIT