
How to add a logins map to CredentialsProvider?


I have integrated my User Pools setup with the federated identity flow with the 9 steps from the relevant documentation. I'm following the documentation and using the enhanced auth flow.

There is, however, an additional step which I cannot quite understand that is possibly causing the problem I am experiencing with the iOS SDK. The guide mentions that:

After the user is authenticated, add that user's identity token to the logins map in the credentials provider. The provider name will depend on your Amazon Cognito Identity user pool ID. It will have the following structure: cognito-idp..amazonaws.com/

Then it offers the following iOS SDK snippet:

AWSCognitoIdentityUserPool *pool = [[AWSCognitoIdentityUserPool alloc] initWithClientId:@"YOUR_CLIENT_ID" clientSecret:@"YOUR_CLIENT_SECRET" poolId:@"YOUR_USER_POOL_ID"];
AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc] initWithRegionType:AWSRegionUSEast1 identityPoolId:@"IDENTITY_POOL_ID" identityProviderManager:pool];

But from my understanding, there isn't any logins map added to the credentials provider in this piece of code. If you look at the JavaScript and Java versions, you will see that this is set explicitly. After some digging around I also found a method for the iOS SDK, namely a setLogins method; however, this method is deprecated. Based on the documentation, it would make sense that I could initiate it as follows:

[self.credentialsProvider setLogins:@{@"cognito-idp.<region>.amazonaws.com/<YOUR_USER_POOL_ID>": @"id_token"}];

However, this results in a deprecation warning:

setLogins is deprecated. Use 'AWSIdentityProviderManager' to provide a valid logins dictionary to the credentials provider

The AWSIdentityProviderManager protocol does seem to offer a logins method, however this is not documented.

So my question is: how could I add my logins map in my credentials provider?


Solution

  • You do not add the logins dictionary to the credentials provider. AWSIdentityProviderManager defines the following method:

    - (AWSTask<NSDictionary<NSString *, NSString *> *> *)logins;
    

    It asynchronously supplies the logins dictionary to the credentials provider, and AWSCognitoIdentityUserPool conforms to AWSIdentityProviderManager. So, the code snippet is all you need. If you are experiencing an issue, it is not related to the logins dictionary.
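To make the mechanism concrete, here is an added example (not part of the answer above and not AWS SDK code) of a class that conforms to AWSIdentityProviderManager and hands the logins dictionary to the credentials provider through `logins`. `StaticLoginsProvider`, `LogLoginKeys`, `MakeCredentialsProvider` and the `ExampleLogins` error domain are hypothetical names; the provider name and pool IDs are the placeholders used in the question.

```objc
#import <AWSCore/AWSCore.h>

// Hypothetical class: supplies one provider-name -> ID-token pair, the same
// contract AWSCognitoIdentityUserPool fulfils for a signed-in user.
@interface StaticLoginsProvider : NSObject <AWSIdentityProviderManager>
- (instancetype)initWithProviderName:(NSString *)providerName idToken:(NSString *)idToken;
@end

@implementation StaticLoginsProvider {
    NSString *_providerName;
    NSString *_idToken;
}

- (instancetype)initWithProviderName:(NSString *)providerName idToken:(NSString *)idToken {
    if ((self = [super init])) {
        _providerName = [providerName copy];
        _idToken = [idToken copy];
    }
    return self;
}

// The credentials provider calls this whenever it needs the logins dictionary.
- (AWSTask<NSDictionary<NSString *, NSString *> *> *)logins {
    if (_idToken.length == 0) {
        // This example treats a missing token as an error.
        return [AWSTask taskWithError:[NSError errorWithDomain:@"ExampleLogins" code:1 userInfo:nil]];
    }
    return [AWSTask taskWithResult:@{_providerName : _idToken}];
}
@end

// Debug helper: log only the provider keys, never the token values.
static void LogLoginKeys(id<AWSIdentityProviderManager> manager) {
    [[manager logins] continueWithBlock:^id(AWSTask<NSDictionary<NSString *, NSString *> *> *task) {
        if (task.error) { NSLog(@"logins failed: %@", task.error); }
        else { NSLog(@"login providers: %@", task.result.allKeys); }
        return nil;
    }];
}

static AWSCognitoCredentialsProvider *MakeCredentialsProvider(NSString *idToken) {
    StaticLoginsProvider *manager = [[StaticLoginsProvider alloc]
        initWithProviderName:@"cognito-idp.<region>.amazonaws.com/<YOUR_USER_POOL_ID>"
                     idToken:idToken];
    LogLoginKeys(manager);
    return [[AWSCognitoCredentialsProvider alloc] initWithRegionType:AWSRegionUSEast1
                                                      identityPoolId:@"IDENTITY_POOL_ID"
                                             identityProviderManager:manager];
}
```

`LogLoginKeys` accepts any conforming object, so passing the user pool instance to it shows which provider name the pool supplies without writing the ID token to the log.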