Multi-Tenancy architecture using AWS Cognito : Part 2
In the previous story, we introduced multi-tenancy models with AWS Cognito. We have chosen the multi-tenant approach based on user pools. In this story, we are going to do the implementation.
The above architecture shows the level of isolation of the tenants. Each tenant has their own user pool on AWS cognito (Tenant A -> User Pool A, Tenant B -> User Pool B, Tenant C -> User Pool C).
We’ve used Amazon DynamoDB, storing each tenant identifier and the user pools credentials.
Step 1: The tenant users send requests with tenant identifier (X-Tenant) in http header.
Step 2: The Java Core application intercepts the X-Tenant header and checks if the tenant exists in DynamoDb (with AWS SDK). Next, retrieves the credentials of the tenant’s user pool.
Step 3: With the credentials of the tenant’s user pool, we can interact with the corresponding tenant’s user pool in Cognito.
Getting Started
You can find out how to set up DynamoDb and Cognito and my previous stories.