App Sync API without Amplify
What if we want to include AWS App Sync API in our project without using Amplify?
Let’s look at how we can access APIs that have been hardened with Cogito Identity Pool. Here, I am simulating the use case by access App Sync API through a third party GraphQL client such as GraphiQL.
- You need access_token obtained from login from Cognito Pool Hosted login
- Go to Cognito Pool > App Integration > App Client Settings
- Use a Client Configuration with following settings:
- Cognito User Pool checked in
- Callback URL entered (You could just use https://google.com)
- OAuth 2.0 -> Implicit Grant, Open Id
4. Launch Hosted UI, login, and it will take you to Call Back URL
5. Look at the address bar: Get the value of https://Callbackdomain/#idtoken=<idtoken>&accesstoken=<access token>&expiresin=3600&tokentype=Bearer
6. Use it in GraphQL client tool with Authorization <access token> please note there is no Bearer key word in the Authorization
- Now you can use GraphQL clients to access App Sync API
The key here is getting the access token before attempting to get to the resources. If you a authentication flow enabled with Cognito User or Identity Pool you shall have access_token through Cognito User session.