How to integrate AWS Cognito User Pool login with Google Sign-In in Flutter?

Help General
,
1

I have configured AWS Cognito User Pool and added Google as a social identity provider.

  • On the Cognito side, I created a mobile client for my user pool.
  • On the Google Cloud side, I created a web client and added the client ID and secret into Cognito.
  • I can already see Google as a federated IdP in my Cognito console.

Now I’m stuck on the Flutter app integration part.

My questions:

  1. How do I use google_sign_in in Flutter to authenticate with Google and then pass the ID token to Cognito?
  2. Do I need to call Cognito’s /oauth2/token endpoint manually, or is there a better way?
  3. Is it recommended to use Amplify Auth (signInWithWebUI) for this flow instead of handling tokens manually?
  4. If I go with the Hosted UI option, how can I integrate it with Flutter (e.g., using flutter_web_auth_2)?

Has anyone successfully set up Cognito User Pool login with Google Sign-In in Flutter? A sample code snippet or recommended approach would be really helpful.

2

Can help with 1:

static Future<void> _signInWithGoogleAndroid() async {
  await GoogleSignIn.instance.initialize();

  String idToken;
  final account = await GoogleSignIn.instance.attemptLightweightAuthentication();

  if (account != null) {
    idToken = account.authentication.idToken!;
  } else {
    final auth = await GoogleSignIn.instance.authenticate(
      scopeHint: [
        "openid",
        "https://www.googleapis.com/auth/userinfo.email",
      ],
    );

    idToken = auth.authentication.idToken!;
  }

  // idToken is your token
}

In my case, I feed FirebaseAuth with that idToken and it work flawlessly. For NHost, I could never make it accept the token (but, then again, NHost is a bug, not a product, anyways…). For Cognito, I’m hopping it works just as Firebase Auth, but I never used it (I’m really against paying money for authentication).