
Strapi Authentication via Provider

If you use a third-party provider for authentication in Strapi, the access token works a little differently.

The access token that you receive from Cognito is not valid in Strapi. You need to retrieve a token from Strapi.

From the frontend app, read the query string from Cognito after successful authentication and submit both the id_token and access_token to this Strapi endpoint.

If you are using the AWS Amplify SDK, Auth.currentSession() will return a CognitoUserSession containing the accessToken and idToken.

import { Auth } from 'aws-amplify'

// Read both Cognito JWTs from the current Amplify session
const data = await Auth.currentSession()
const access_token = data.accessToken.jwtToken
const id_token = data.idToken.jwtToken

Send both Cognito tokens to the callback URL to get a Strapi JWT, which you then use for all subsequent calls to Strapi. When this URL is called, Strapi automatically creates a new record in the User table.


You will receive the following response.

{
  "jwt": "<access token> that you can use thereafter",
  "user": {
    "id": 1,
    "username": "google_999999999999999999",
    "email": "",
    "provider": "cognito",
    "confirmed": true,
    "blocked": false,
    "createdAt": "2022-05-30T02:50:08.907Z",
    "updatedAt": "2022-05-30T02:50:08.907Z"
  }
}
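
The exchange described above, written out as an added example (not code from the original post): it validates both Cognito tokens, calls the provider callback, and accepts only a reply that carries a Strapi JWT. The helper names, `backendUrl` and the `fetchImpl` parameter are assumptions; the callback path is the one quoted in the comment under this post.

```javascript
// Added example: exchange Cognito tokens for a Strapi JWT.
// Assumptions: backendUrl and all helper names here are hypothetical;
// the callback path is the one quoted in the comment under this post.

const JWT_SHAPE = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/

// Build the provider callback URL with both tokens URL-encoded.
function buildCallbackUrl(backendUrl, provider, { id_token, access_token }) {
  for (const [name, value] of Object.entries({ id_token, access_token })) {
    if (typeof value !== 'string' || !JWT_SHAPE.test(value)) {
      throw new Error(`${name} is missing or not a compact JWT`)
    }
  }
  const url = new URL(`/api/auth/${encodeURIComponent(provider)}/callback`, backendUrl)
  url.search = new URLSearchParams({ id_token, access_token }).toString()
  return url.toString()
}

// Accept only a 2xx reply that carries a jwt for an unblocked user.
function parseStrapiAuth(status, body) {
  if (status < 200 || status > 299) {
    throw new Error(`Strapi callback failed with HTTP ${status}`)
  }
  if (!body || typeof body.jwt !== 'string' || !body.user) {
    throw new Error('Strapi response has no jwt/user')
  }
  if (body.user.blocked) throw new Error('Strapi user is blocked')
  return { jwt: body.jwt, user: body.user }
}

// Full exchange; fetchImpl is injectable so it can be stubbed offline.
async function exchangeCognitoTokens(backendUrl, tokens, fetchImpl = globalThis.fetch) {
  const res = await fetchImpl(buildCallbackUrl(backendUrl, 'cognito', tokens))
  const body = await res.json().catch(() => null)
  return parseStrapiAuth(res.status, body)
}

// Header for every later Strapi call: the Strapi JWT, not the Cognito one.
function strapiAuthHeaders(jwt) {
  return { Authorization: `Bearer ${jwt}` }
}
```

Because both Cognito tokens travel in the query string, they can end up in proxy and server access logs, so treat those logs as sensitive.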

Top comments (1)

juliosmorelos

By calling ${backendUrl}/api/auth/${params.providerName}/callback?id_token=xxx&access_token=yyy I receive an error 400.

So I guess I am having an error in the Strapi provider configuration. Could you give more info about it?