Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Sharing authentication state between apps from the same developer #4645

Open
3 of 14 tasks
wrbl606 opened this issue Apr 4, 2024 · 9 comments
Open
3 of 14 tasks

Feature Request: Sharing authentication state between apps from the same developer #4645

wrbl606 opened this issue Apr 4, 2024 · 9 comments
Labels
Android Issues specific to the Android Platform auth Issues related to the Auth Category feature-request A request for a new feature or an enhancement to an existing API or category.

Comments

@wrbl606
Copy link

wrbl606 commented Apr 4, 2024

Description

Not a bug, rather guidance or a feature request.

On Android and iOS (though achieved in a very different manner), apps from the same developer can exchange information. Is amplify_auth_cognito ready for sharing user tokens in such a way, so authentication state is shared between a group of apps from the same developer? If so, what needs to be done to opt in to such behaviour, and if not will you consider implementing this feature or provide documentation on how to achieve that?

Categories

  • Analytics
  • API (REST)
  • API (GraphQL)
  • Auth
  • Authenticator
  • DataStore
  • Notifications (Push)
  • Storage

Steps to Reproduce

Not a bug, but also no way to report feature requests 😇

Screenshots

No response

Platforms

  • iOS
  • Android
  • Web
  • macOS
  • Windows
  • Linux

Flutter Version

3.19.5

Amplify Flutter Version

1.7.0

Deployment Method

Amplify CLI

Schema

No response
@Jordan-Nelson Jordan-Nelson added auth Issues related to the Auth Category pending-triage This issue is in the backlog of issues to triage labels Apr 4, 2024
@Jordan-Nelson
Copy link
Contributor

Hello @wrbl606 - Thanks for opening the request.

On iOS this is supported via accessGroup. This value will be used to set ksecattraccessgroup in iOS Keychain.

Here is an example of how to set that value.

final auth = AmplifyAuthCognito(
  secureStorageFactory: AmplifySecureStorage.factoryFrom(
    iOSOptions: IOSSecureStorageOptions(accessGroup: 'foo'),
  ),
);

There is no equivalent for Android currently. We can mark this as a feature request to start tracking interest.

@Jordan-Nelson Jordan-Nelson changed the title [amplify_auth_cognito] Sharing authentication state between apps from the same developer Feature Request: Sharing authentication state between apps from the same developer Apr 4, 2024
@Jordan-Nelson Jordan-Nelson added feature-request A request for a new feature or an enhancement to an existing API or category. Android Issues specific to the Android Platform and removed pending-triage This issue is in the backlog of issues to triage labels Apr 4, 2024
@wrbl606
Copy link
Author

wrbl606 commented Apr 5, 2024

Thank you! Assuming we'll implement the data sharing solution on our own for Android, is there a way to make the AmplifyAuthCognito use manually provided tokens to perform authentication tasks?

@Mik77o Mik77o mentioned this issue Apr 22, 2024
Open
@Mik77o
Copy link

Mik77o commented Apr 26, 2024

Thank you! Assuming we'll implement the data sharing solution on our own for Android, is there a way to make the AmplifyAuthCognito use manually provided tokens to perform authentication tasks?

Assuming that this is currently not possible, perhaps if it comes to a new feature it would be possible to use AccountManager for Android. 🤔

@Jordan-Nelson
Copy link
Contributor

Apologies for the delayed response. You can create your own implementation of credential storage. Please see the docs here, which show a simple example of an in memory credential store.

@Mik77o
Copy link

Mik77o commented Apr 26, 2024

@Jordan-Nelson Thanks for the reply!

So if we implement it ourselves for Android, sharing credentials between many apps will be possible, or do we also have to implement this mechanism ourselves? This may be a stupid question, but it's completely new to me.

This documentation mentions EncryptedSharedPreferences on Android.

@Jordan-Nelson
Copy link
Contributor

If you use Amplify's implementation, Android EncryptedSharedPreferences is used.

If you build your own implementation, you need to decide where to store tokens and how to share them across applications and you need to implement that.

@Mik77o
Copy link

Mik77o commented May 6, 2024

@Jordan-Nelson Thanks for your reply! I'd like to ask about a related topic. Is there any special effort required on the frontend side when we want to use the same user pool across multiple mobile applications? Regarding the concept itself, I found some valuable information here: https://docs.aws.amazon.com/cognito/latest/developerguide/application-client-based-multi-tenancy.html.

@Jordan-Nelson
Copy link
Contributor

There is nothing in Amplify Flutter preventing the same user pool from being used in multiple apps. As discussed, Amplify Flutter will not share credentials across applications automatically though.

@Mik77o
Copy link

Mik77o commented May 7, 2024

There is nothing in Amplify Flutter preventing the same user pool from being used in multiple apps. As discussed, Amplify Flutter will not share credentials across applications automatically though.

Okay, thanks for confirming this fact!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Android Issues specific to the Android Platform auth Issues related to the Auth Category feature-request A request for a new feature or an enhancement to an existing API or category.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@wrbl606 @Jordan-Nelson @Mik77o