Open in app

Sign in

Write

Sign in

Redirect to your website after confirm registration using AWS Cognito with Cloud Formation

Thauany Moedano
4 min readJan 3, 2020

Amazon Web Services (AWS) is one of the biggest cloud platforms. It comes with a lot of services which make easier to deploy an application to cloud. One of the possibilities is distribute to the cloud the responsibility to administrate user access to the application. The service that I’m talking about is Cognito.

Cognito lets you add user sign-in and sign-up to your application. The advantage in use Cognito is that you can quickly implement a login/register control to your application. Also, with Cognito you don’t need to store the password of the user in the database which increases the security if your application since the passwords are managed by Amazon. Cognito splits users in User Pools and inside user pools you have user groups. This structure allows you control in detail which groups of users can access the determined groups of cloud resources. For this tutorial, it is expected some familiarity to some AWS resources as Lambdas, API Gateway and Cognito itself.

If you already worked with Cognito, you may faced the following problem: Cognito sends to your users a verification message to confirm the registration. You may edit the message in the console but the link which the user is redirected is always the same. Hopefully, the community already came with solutions, as we may see in Stack Overflow discussions, GitHub issues and other article written in Medium. In this tutorial, I’ll show how to do it using SAM framework and Cloud Formation.

This tutorial is recommended for you if…

  • You already know some AWS basics
  • You already worked with Cognito
  • You have familiarity with Lambdas
  • You have familiarity in deploying serverless API in Cloud Formation

So let’s start!

The problem

As an AWS operator, I want to send a customized confirmation message and redirect the user to my desired website after being confirmed.

Lambdas are our best hero to solve this issue. Just for a quick remember, Lambdas are pieces of function to run serverless applications. So, we may configure events that trigger the execution of lambdas or in other words: to execute our function. So, the goal is trigger a lambda function after the user register itself to, instead of send that default message from AWS, send our custom message with our custom link to validate the user and redirect to the website. But what is this link? It is a link for an API Gateway that will trigger another Lambda. This Lambda is responsible to confirm the user in Cognito manually (doing by SDK) and redirect the user to the website.

1. Create Cloud Formation template file for your lambdas

Before anything, it is needed to create the template file to create your lambda structure. This template file contains two lambdas — one for send the customized message and one for manually register the user in Cognito and redirect to the desired page.

In order to create the template file, I will use SAM framework. If you are not familiarized with SAM framework, please see how to get started here.

The template of our Lambda Custom Message should appear like that:

This template it will generate 3 things:

  • A Lambda which will be triggered by Cognito when a user register itself
  • A Lambda which will be triggered by API Gateway and it will redirect the user to your webpage
  • An API Gateway which will trigger the Lambda function

The deployment of the Cloud Formation template is up to you. You may do it using CLI, importing the template in the console or using Code Pipeline and Code Build to deploy the API automatically.

Important Detail: Remember to create your Lambda Custom Message in the same region of your Cognito. You won’t be able to trigger the Lambdas if they are not in same region!

2. Code your Lambda Custom Message and Lambda Redirect

Code examples about how to create the lambdas were given in the article I mentioned in the beginning. But I add two little contributions to this code:

In Custom Message Lambdas, you are able to style the message in the way you want. This means that you can add HTML and some styles to present a prettier message.

Quick tip: Any event relationed with MFA and verification messages will trigger this Lambda. That’s why is important to filter using a if-condition which type of custom message is invoking the Lambda. Hopefully, Amazon provides a complete explanation about Custom Message Trigger.

In Redirect Lambda, you can return the response as a HTTP redirect response:

3. Configure your Cognito User Pool to invoke the Lambda

If you are creating the user pool at the time of this tutorial, you are able to create the Cognito in the Cloud Formation template and link the Lambda as a Cognito Event (the same way I did to the API). But most of the cases, you already have your Cognito running. In this case, you have to go manually to AWS Console and select the Lambda Trigger.

Go to your AWS Console and look for Cognito Service. In Triggers section, select the Custom Message Lambda you just create in the step before.

Don’t forget! To finish the configuration, go to Message Customizations and in “Do you want to customize your email verification messages?” section, choose ‘Code’. If you don’t do that, Cognito will keep sending the default message instead of trigger the Lambda.

Now, every time a user sign in your application, it will receive a friendly message and it will be redirected to a page you desired after click to confirm the login. You can check the complete boilerplate of this tutorial here.

AWS Lambda
AWS
Cloudformation
Aws Cognito
Cloud

--

--

Thauany Moedano

Written by Thauany Moedano

3 Followers

Software Developer, Cloud enthusiast

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams