# 4.2.2 Using user pools with Bayun AWSS3 wrapper 'SecureAuthentication' Here are the details about registering, confirming, and authenticating users using AWSS3 wrapper. User Registration, SignUp Confirmation, SignIn, SignOut needs to be done with **SecureAuthentication** instance. ### Creating an AWSCognitoIdentityUserPool Object The following procedure describes how to create an **AWSCognitoIdentityUserPool** object to interact with. #### 1. Set up your service config There is no change in setting up Service Config and is same as using standard AWS Mobile SDK. {% tabs %} {% tab title="Objective-C" %} ```objectivec AWSServiceConfiguration *serviceConfiguration = [[AWSServiceConfiguration alloc] initWithRegion:AWSRegionUSEast1 credentialsProvider:nil]; ``` {% endtab %} {% tab title="Swift" %} ```swift let serviceConfiguration : AWSServiceConfiguration = AWSServiceConfiguration(region: .USEast1, credentialsProvider: nil) ``` {% endtab %} {% endtabs %} #### 2. Create a user pool configuration. There is no change in creating user pool configuration and is same as using standard AWS Mobile SDK. {% tabs %} {% tab title="Objective-C" %} ```objectivec //create a pool AWSCognitoIdentityUserPoolConfiguration *configuration = [[AWSCognitoIdentityUserPoolConfiguration alloc] initWithClientId:@"CLIENT_ID" clientSecret:@"CLIENT_SECRET" poolId:@"USER_POOL_ID"]; [AWSCognitoIdentityUserPool registerCognitoIdentityUserPoolWithConfiguration:serviceConfiguration userPoolConfiguration:configuration forKey:@"UserPool"]; AWSCognitoIdentityUserPool *pool = [AWSCognitoIdentityUserPool CognitoIdentityUserPoolForKey:@"UserPool"]; ``` {% endtab %} {% tab title="Swift" %} ```swift let configuration : AWSCognitoIdentityUserPoolConfiguration = AWSCognitoIdentityUserPoolConfiguration(clientId: "CLIENT_ID", clientSecret: "CLIENT_SECRET", poolId: "USER_POOL_ID") AWSCognitoIdentityUserPool.register(with: serviceConfiguration, userPoolConfiguration: configuration, forKey: "UserPool") let pool : AWSCognitoIdentityUserPool = AWSCognitoIdentityUserPool(forKey: "UserPool") ``` {% endtab %} {% endtabs %} ### Register a User Use SecureAuthentication's `signUp:username:password:userAttributes:userAttributes:validationData:withBlock:` method to register a new user instead of relying on standard AWS Mobile SDK's signUp method. {% tabs %} {% tab title="Objective-C" %} ```objectivec AWSCognitoIdentityUserAttributeType * email = [AWSCognitoIdentityUserAttributeType new]; email.name = @"email"; email.value = @"email@mydomain.com"; AWSCognitoIdentityUserPool *pool = [AWSCognitoIdentityUserPool CognitoIdentityUserPoolForKey:@"UserPool"]; BOOL registerBayunWithPwd = true; //sign up the user [[SecureAuthentication sharedInstance] signUp:pool username:@"username" password:@"password" userAttributes:@[email] validationData:nil registerBayunWithPwd:registerBayunWithPwd withBlock:^id_Nullable(AWSTask * _Nonnull task) { dispatch_async(dispatch_get_main_queue(), ^{ if(task.error){ [[[UIAlertView alloc] initWithTitle:task.error.userInfo[@"__type"] message:task.error.userInfo[@"message"] delegate:self cancelButtonTitle:@"Ok" otherButtonTitles:nil] show]; } else { AWSCognitoIdentityUserPoolSignUpResponse * response = task.result; if(!response.userConfirmed){ // handle the case where user has to confirm his identity } }}); return nil; }]; ``` {% endtab %} {% tab title="Swift" %} ```swift let pool : AWSCognitoIdentityUserPool = AWSCognitoIdentityUserPool(forKey: "UserPool") let email = AWSCognitoIdentityUserAttributeType() email?.name = "email" email?.value = "email@mydomain.com" let registerBayunWithPwd = true SecureAuthentication.sharedInstance().signUp(pool, username: "username", password: "password", userAttributes: [email!], validationData: nil, registerBayunWithPwd: registerBayunWithPwd){ (task) -> Any? in DispatchQueue.main.async(execute: { if let error = task.error as? NSError { let alertController = UIAlertController(title: error.userInfo["__type"] as? String, message: error.userInfo["message"] as? String, preferredStyle: .alert) let retryAction = UIAlertAction(title: "Retry", style: .default, handler: nil) alertController.addAction(retryAction) self?.present(alertController, animated: true, completion: nil) } else if let result = task.result { if (result.user.confirmedStatus != AWSCognitoIdentityUserStatus.confirmed) { // handle the case where user has to confirm his identity } } }) } ``` {% endtab %} {% endtabs %} ### Confirm Signup Confirm a users' sign up with the confirmation code using SecureAuthentication's `confirmSignUpForUser:confirmationCode:forceAliasCreation:withBlock:` method. {% tabs %} {% tab title="Objective-C" %} ```objectivec AWSCognitoIdentityUserPool *pool = [AWSCognitoIdentityUserPool CognitoIdentityUserPoolForKey:@"UserPool"]; AWSCognitoIdentityUser *user = [pool getUser:@"username"]; [[SecureAuthentication sharedInstance] confirmSignUpForUser:user confirmationCode:"code" forceAliasCreation:YES withBlock:^id _Nullable(AWSTask * _Nonnull task) { if(task.error){ [[[UIAlertView alloc] initWithTitle:task.error.userInfo[@"__type"] message:task.error.userInfo[@"message"] delegate:nil cancelButtonTitle:@"Ok" otherButtonTitles:nil] show]; } else { //return to signin screen [self.navigationController popToRootViewControllerAnimated:YES]; } return nil; }]; ``` {% endtab %} {% tab title="Swift" %} ```swift let pool : AWSCognitoIdentityUserPool = AWSCognitoIdentityUserPool(forKey: "UserPool") let user : AWSCognitoIdentityUser = pool.getUser("username") SecureAuthentication.sharedInstance().confirmSignUp(for: user, confirmationCode: "code", forceAliasCreation: true) { (task) -> Any? in DispatchQueue.main.async(execute: { if let error = task.error as? NSError { let alertController = UIAlertController(title: error.userInfo["__type"] as? String, message: error.userInfo["message"] as? String, preferredStyle: .alert) let okAction = UIAlertAction(title: "Ok", style: .default, handler: nil) alertController.addAction(okAction) self.present(alertController, animated: true, completion: nil) } else { let _ = strongSelf.navigationController?.popToRootViewController(animated: true) } }) ``` {% endtab %} {% endtabs %} ### Sign in a User Use SecureAuthentication's `signInPool:username:password:withBlock:` method to get a session username and password. {% tabs %} {% tab title="Objective-C" %} ```objectivec AWSCognitoIdentityUserPool *pool = [AWSCognitoIdentityUserPool CognitoIdentityUserPoolForKey:@"UserPool"]; [[SecureAuthentication sharedInstance] signInPool:pool username:@"username" password:@"password" withBlock:^id _Nullable(AWSTask * _Nonnull task) { dispatch_async(dispatch_get_main_queue(), ^{ NSError *error = task.error; if(error){ [[[UIAlertView alloc] initWithTitle:error.userInfo[@"__type"] message:error.userInfo[@"message"] delegate:nil cancelButtonTitle:nil otherButtonTitles:@"Retry", nil] show]; } else { //signIn successful } }); return nil; }]; ``` {% endtab %} {% tab title="Swift" %} ```swift SecureAuthentication.sharedInstance().sign(in: pool, username: "username", password: "password", with: { (task) -> Any? in DispatchQueue.main.async(execute: { if let error = task.error as? NSError { let alertController = UIAlertController(title: error.userInfo["__type"] as? String, message: error.userInfo["message"] as? String, preferredStyle: .alert) let okAction = UIAlertAction(title: "Ok", style: .default, handler: nil) alertController.addAction(okAction) self.present(alertController, animated: true, completion: nil) } else { //signIn successful } }) }) ``` {% endtab %} {% endtabs %} ### Signout a user Use SecureAuthentication's signout method to clear all tokens. {% tabs %} {% tab title="Objective-C" %} ```objectivec [[SecureAuthentication sharedInstance] signout:user]; ``` {% endtab %} {% tab title="Swift" %} ```swift SecureAuthentication.sharedInstance().signout(user) ``` {% endtab %} {% endtabs %}