Temporary AWS Credentials with Third Party Identity Provider via STS and Android SDK
Roles have been the preferred way for mobile apps to gain access to AWS, instead of hard-coded credentials. A mobile app can assume a specific role via AWS STS (Security Token Service), which returns temporary AWS credentials. However, the implementation is not as easy as I thought it would be. During implementation, I found that the documentation was not that clear, and I ended up spending a lot of time on trial and error and re-reading articles.

One of my requirements is that I don't want to rely on AWS Cognito for identity at all, since I already use a third-party identity provider. It is, however, possible to use AWS Cognito as a bridge between the mobile app and the third-party identity provider. My next requirement is that I don't want to use AWS Amplify. AWS pushes Amplify usage very hard, and it is indeed very easy to use, but I'm not too fond of the level of abstraction for my application. Another requirement is that, if possible, I want to use the SDK instead of manual...