Overview
Arda uses OAuth2 with AWS Cognito as the primary authentication mechanism. This section documents how authentication flows work between the frontend, BFF, and backend services.
Documents
Section titled “Documents”| Document | Description |
|---|---|
| Hybrid Auth | Demo202509 hybrid approach: Cognito JWT for FE/BFF, Bearer Token for backend |
| OAuth2 UI Authentication | Simple Cognito authentication flow without custom claims server |
| OAuth2 Drafts | Design notes on token limits, token exchange, and augmentation strategies |
Related Documentation
Section titled “Related Documentation”- Cognito Service — User Pool, Resource Server, client configuration
- JWT Payload — Identity Token and Access Token claim structures
- OAuth2 API Endpoints — Cognito endpoint reference
- Security Realms and Permissions — RBAC/ABAC design
Copyright: © Arda Systems 2025-2026, All rights reserved