Showing posts from June, 2020

AWS Amplify Multi-Auth GraphQL Public Create, Authenticated Read, Update, Delete

Since the release of multiple authorization support in Amplify GraphQL, a number of excellent blogs [1] [2] have been written about how multi-auth can readily support the public read, authenticated CRUD use case. This post describes using multi-auth to support another use case: public create , authenticated read/update/delete: Public ("unauthenticated") users can create objects in a GraphQL table; i.e., a user can create an object in the table without having to sign in with user name and password. The unauthenticated user cannot read, update, or delete any object in the table. An authenticated user can read, update, delete the objects that s/he owns in the same GraphQL table after signing into Amazon Cognito with user name and password. An example of this use case is where a website has a public form that asks users to fill out (e.g., taking a survey) without having to sign in.  The information from the form is stored in the GraphQL table.  Other than creating the fo