To summarize, we did the following in this recipe:
- Created a user
- Initiated authentication flow as a user
- Responded to password challenges from Cognito
- Used the refresh token to regenerate the access token and the ID token
The major differences, as compared to the server-side authentication flow API usage, are as follows:
- Unlike with the server-side authentication APIs, we did not specify an admin profile while executing the CLI commands.
- You do not have to specify the user pool ID with client-side authentication flow API calls; only the client ID needs to be specified.
In real-world applications, you generally choose client-side authentication if you are working with SDKs for client-side platforms (for example, iOS, Android, or JavaScript), and server-side authentication flows if you are working with SDKs for server-side language platforms (for example, Java and Node.js).