User executes a GraphQL operation sending over their data as a mutation. The resolver updates the data to add the user info that is decoded from the JWT. The JWT is sent in the authorization header & is available in the resolver. Data is stored in the database along with user information.

In this example we can now query based on the author index.

Getting Started

The tools that we will be using to accomplish this are the AWS Amplify CLI to create the authentication service & the AWS Amplify JavaScript Client for client authentication as well as for the GraphQL client.

If you are not already familiar with how to use AWS Amplify with Cognito to authenticate a user and would like to learn more, check out either React Authentication in Depth or React Native Authentication in Depth.

To get started, clone the boilerplate we will be using in this example:

Then, cd into the directory & install the dependencies using yarn or npm:

cd appsync-react-native-with-user-authorization yarn || npm i

Now that the dependencies are installed, we will use the AWS Amplify CLI to initialize a new project.

First, install the AWS Amplify CLI if you do not already have it installed:

npm i -g @aws-amplify/cli

Next, configure the cli with your correct credentials:

If this is your first time using AWS, check out this video to see how to get these credentials and set up the CLI.

amplify configure

Now we can create a new project:

amplify init

You’ll be prompted with a few configuration options, feel free to accept the defaults to all of them or choose a custom project name when given the option.

Next we will add user-signin capabilities to the app with Amazon Cognito:

amplify add auth

Then push the updated config to the AWS console

amplify push

Now, you should be able to visit the console and view the new service. Go to https://console.aws.amazon.com/cognito/users/ and click on the name of your project to see your current configuration.

Creating the AWS AppSync API

Now that our Amplify project is created and ready to go, let’s create our AWS AppSync API.

First, go to the AWS AppSync console by visiting https://console.aws.amazon.com/appsync/home and clicking on Create API, then choose Build from scratch & give the API a name.

Creating the Schema

Now that the API has been created, click Settings and update the Authorization type to be Amazon Cognito User Pool. In the User Pool configuration, choose the user pool that was created when we created our AWS Amplify project using the CLI along with your region, and set the default action to Allow.