Researchs
  • About Me
  • Bypassing DEP - Increasing the Gap
  • Hijacking Cloud CI/CD Systems for Fun and Profit
  • Found some Access Keys?
  • AWS Cloud Security
    • AWS Cloud Researchs
      • AWS and the Secrets Exposed on Public ECR Repository
    • Hacking API Gateway
      • API Gateway - Security
      • API Gateway API Calls
    • Hacking S3
      • S3 - Security
      • S3 API Calls
    • Hacking Cognito
      • Cognito - Security
      • Cognito - API Calls
    • Hacking Lamda
      • Lambda - Security
      • Lambda - API Calls
    • Hacking Cloudbuild
      • Cloudbuild - Security
      • Cloudbuild - API Calls
    • AWS Services
  • Windows Security Research
    • Exploit Development
      • RTCore64.sys - CVE-2019-16098
      • Mouse Server
      • mskssrv.sys - CVE-2023–29360
    • Fuzzing
      • WTF
  • Supply Chain Research
    • Abusing Netlify Functions
  • Reverse Engineering
    • Reversing.kr
      • Easy_CrackMe
      • Easy KeyGen
  • Failed Research Attempts
    • Github Actions - Cloud
    • CloudTrail
Powered by GitBook
On this page
  1. AWS Cloud Security
  2. Hacking Cognito

Cognito - API Calls

Cognito API Calls

Here are some popular Cognito API calls and what they do :-

  • cognito-idp:get-user : API call to fetch user details associated with the access token

  • cognito-identity:get-id : API call to fetch the identity id from Cognito Indentity Pool ID.

  • cognito-identity:get-credentials-for-identity : API call to fetch the STS tokens using the IdentityID.

  • cognito-idp:initiate-auth : API call to initiate authentication and fetch the AccessToken & TokenId by passing the authentication credentials.

  • cognito-identity:get-credentials-for-identity : API call to fetch the STS tokens for authenticated users by passing the TokenId and Cognito User Pool Id.

PreviousCognito - SecurityNextHacking Lamda

Last updated 1 year ago