I am using AWS Amplify for Flutter plugin to use Cognito for User authentication. When I executed amplify add auth followed by amplify push, a CloudFormation stack is created with several resources -including a User Pool and Identity pool.Two app clients are also created. One of them is being referred in the lib/amplifyconfiguration.dart in my Flutter App.
Using the Cognito API, I able to sign up new users to the User pool. I am able fetch Secret Keys, ID token using the following code.
CognitoAuthSession session = await Amplify.Auth.fetchAuthSession(options: CognitoSessionOptions(getAWSCredentials: true));
print('Access key: ${session.credentials.awsAccessKey}');
print('Secret Key: ${session.credentials.awsSecretKey}');
print('Identity ID: ${session.identityId}');
print('User Pool tokens: ${session.userPoolTokens.accessToken}');
print('User Pool tokens: ${session.userPoolTokens.idToken}');
What I don't understand is the app client that is referenced in the app did not enable the User pool as identity provider (See the picture). Also no OAuth Flow is selected.
- My assumption is that since the
Cognito User Poolis not enabled for the app client, when I tried to add a new user, the could should fail. But, it did not. - As no OAuth flow selected, no ID Token should be returned. But I could fetch ID Token, access token.
The Amplify cli also created an Identity pool, a couple of roles (for Unauthenticated, and authentcated users). It is referencing the User pool.
What am I missing here ? Even though the User pool is not enabled, how it is able to store users ?
Thank you for your time.