Integrating AWS Cognito Authentication with NodeBB API (No NodeBB UI)
-
Hi community,
I’m using AWS Cognito for authentication (sign up and login) across my project, and all user management is centralized there.
Now I want to integrate NodeBB, but I do not want to use NodeBB’s UI for login/registration. Instead, I want to:
-
Continue using AWS Cognito for user registration and login.
-
Expose a common backend service (API) that my other modules (and NodeBB) can use for authentication.
-
Use only the NodeBB APIs (not the UI) to handle sessions, topics, posts, etc.
I’m a bit unsure about the correct approach here:
-
Can NodeBB rely fully on Cognito for authentication while I interact with NodeBB only through its APIs?
-
How should I map Cognito users to NodeBB users (e.g., using Cognito’s sub as the NodeBB uid)?
-
Should I use the session-sharing plugin, or is it better to build a custom integration for Cognito?
-
What’s the recommended way to keep NodeBB users in sync with Cognito users if I bypass the UI?
Has anyone implemented this kind of API-only integration with Cognito and NodeBB? Any best practices or guidance would be much appreciated.
Thanks!
-
-
Hi community,
I’m using AWS Cognito for authentication (sign up and login) across my project, and all user management is centralized there.
Now I want to integrate NodeBB, but I do not want to use NodeBB’s UI for login/registration. Instead, I want to:
-
Continue using AWS Cognito for user registration and login.
-
Expose a common backend service (API) that my other modules (and NodeBB) can use for authentication.
-
Use only the NodeBB APIs (not the UI) to handle sessions, topics, posts, etc.
I’m a bit unsure about the correct approach here:
-
Can NodeBB rely fully on Cognito for authentication while I interact with NodeBB only through its APIs?
-
How should I map Cognito users to NodeBB users (e.g., using Cognito’s sub as the NodeBB uid)?
-
Should I use the session-sharing plugin, or is it better to build a custom integration for Cognito?
-
What’s the recommended way to keep NodeBB users in sync with Cognito users if I bypass the UI?
Has anyone implemented this kind of API-only integration with Cognito and NodeBB? Any best practices or guidance would be much appreciated.
Thanks!
balu Why are you planning to have the user step through Cognito for authentication if you're not intending to use the NodeBB frontend at all?
If you already have the Cognito user, you could use the NodeBB API (using a master token) to create a user, and store your own association between the cognito id and the nodebb uid.
Then just keep using the master token to make calls on behalf of whichever user. Use the
?_uid=parameter to distinguish calls between different users. -
-
julian Thank you for the clarification. 🙏
I am using React.js for my frontend, and the NodeBB forum is just one module inside my overall project.
I understand now that I can use the master token + ?_uid= approach to call the NodeBB APIs directly, and maintain my own mapping between the Cognito sub and the NodeBB uid.
I was initially looking at the session-sharing plugin, but since I am not using the NodeBB frontend at all, I think the create-user API + master token flow might be a cleaner solution for me.
Could you please confirm if in my case hitting the create-user API and maintaining the mapping is better than trying to wire up session-sharing?
-
julian Thank you for the clarification. 🙏
I am using React.js for my frontend, and the NodeBB forum is just one module inside my overall project.
I understand now that I can use the master token + ?_uid= approach to call the NodeBB APIs directly, and maintain my own mapping between the Cognito sub and the NodeBB uid.
I was initially looking at the session-sharing plugin, but since I am not using the NodeBB frontend at all, I think the create-user API + master token flow might be a cleaner solution for me.
Could you please confirm if in my case hitting the create-user API and maintaining the mapping is better than trying to wire up session-sharing?
balu it's what I would do. Doesn't necessarily mean it's the right approach but simpler is better.
Gli ultimi otto messaggi ricevuti dalla Federazione
-
-
@DataKnightmare intrepido vibes
-
-
A charming, cobblestone street in the historic village of Collodi, Tuscany, Italy, known for its medieval heritage and connection to Pinocchio.
The village features narrow, stone-paved streets and houses that retain their medieval appearance, showcasing the area's rich history.
Collodi is famous as the birthplace of Carlo Collodi, the author of "The Adventures of Pinocchio." The village is home to the Parco di Pinocchio, a theme park dedicated to the story.
-
mindless ungrown (male) teenagers still keep pushing for a hellscape future no one has asked for.
If you wear this shit, you are explicitly putting whoever's within sight at risk, in ways you cannot know. It is an aact of aggression.
Given that trying to reason with techbros is an exercise in futility, I reserve the right to slap this shit off the face of anybody coming within reach.
https://www.theverge.com/tech/779566/meta-ray-ban-display-hands-on-smart-glasses-price-battery-specs
-
@mannivu L’ho messo su non aspettandomi granché. Mi sono ritrovato di fronte un capolavoro. Veramente sorpreso dalla performance di tutti gli attori.
-
Schlein non la dice tutta sui conti della sanità nelle Marche
@politica
https://pagellapolitica.it/articoli/schlein-costi-sanita-marche
La regione guidata da Acquaroli è in debito per chi va a curarsi fuori regione, ma non è un problema nuovo
-
I'm lucky, never had any side effect, but my son had the same experience you're having 😁
