Cognito integration demo
Sign in or register
This page demonstrates the hosted UI flow: the app redirects to Cognito for login or registration, Cognito returns an authorization code, and the server exchanges it for tokens using PKCE.
Flow overview
- GET /api/auth/login or /api/auth/signup generates PKCE values and redirects to Cognito hosted UI.
- User authenticates or creates an account on Cognito (MFA may be required in deployed environments).
- Cognito redirects to /api/auth/callback with an authorization code.
- The server exchanges the code for tokens and stores them in httpOnly cookies.
- GET /api/auth/session returns the verified user claims for API clients.