:max_bytes(150000):strip_icc()/how-to-add-devices-on-amazon-51916461-3543d85a4b82458fa8bd6d9bd1f8680c.jpg "how to add a device to amazon content and devices")
- #How to add a device to amazon content and devices how to
- #How to add a device to amazon content and devices code
It enables your application to use a remembered device as a second factor of authentication and thus suppresses the SMS-based challenge in the MFA flow. The second configuration appears if you selected either Always or User Opt-In for the first configuration. In such a scenario, the user requires the option to decide whether their device is to be remembered. This is a particularly useful option for a scenario where a higher security level is required but the user may sign in from a shared device for example, if a user signs in to a banking application from a public computer at a library. This configuration option enables your users to decide whether your application should remember the devices they use to sign in, though keep in mind that all devices are tracked regardless. User Opt-In – By selecting this option, your user’s device is remembered only if that user opts to remember the device. No (default) – By selecting this option, devices are neither remembered nor tracked.Īlways – By selecting this option, every device used by your application’s users is remembered. Now, let’s go over the first configuration setting: Do you want to remember devices? The new APIs in the AWS Mobile SDK do not expose these devices, but you can see them in the Amazon Cognito console. This means that the device credentials are not used to authenticate the device. The device is treated as if it was never used during the user authentication flow. You can also see remembered devices from the Amazon Cognito console.Ī not-remembered device is the flipside of being remembered, though the device is still tracked.
APIs to see remembered devices have been added to new releases of the Android, iOS, and JavaScript SDKs. During user authentication, the key and secret pair assigned to a remembered device is used to authenticate the device to verify that it is the same device that the user previously used to sign in to the application. In addition, you can see some metadata (whether it is remembered, time it began being tracked, last authenticated time, etc.) associated with the device and its usage. You can view all tracked devices for a specific user from the Amazon Cognito console device browser, which you can view by choosing a user from the Users panel.
When devices are tracked, a set of device credentials consisting of a key and secret key pair is assigned to every device. The specifics of these configurations shown above can be made clearer by going over some terminology first. The following image shows how you can enable device remembering from the Amazon Cognito console. This suppresses the second authentication challenge from remembered devices and thus reduces the friction users experience with MFA.
#How to add a device to amazon content and devices code
By using the new device remembering feature, a remembered device can serve in place of the security code delivered via SMS as a second factor of authentication. This increases security but comes at the expense of user experience, especially if users must get and enter a code for every sign-in.
If SMS-based MFA is enabled for an Amazon Cognito user pool, end users must input a security code received via SMS during every sign-in in addition to entering their password. This feature works together with MFA to reduce some of the friction end users experience when using MFA. For example, with a content distribution application (e.g., video streaming), you can limit the number of devices from which an end user can stream their content. In addition, you can build custom functionality using the notion of remembered devices. You can see the remembered devices and associated metadata through the console and by using the ListDevices and GetDevice APIs. This feature enables developers to remember the devices on which end users sign in to their application. The following examples are not exhaustive, but we use them in this blog post to illustrate the functionality.
#How to add a device to amazon content and devices how to
This blog post provides an overview of the feature, identifies the primary use cases, and describes how to set up the feature for your application.įirst, let’s take a look at some of the primary use cases for device remembering. This feature provides insight into the usage of your app’s users and reduces the friction associated with multi-factor authentication (MFA). With the general availability launch of Amazon Cognito Your User Pools, we introduced a new feature that enables device tracking and remembering.
0 kommentar(er)
