fastmcp.server.auth.providers.aws
AWS Cognito OAuth provider for FastMCP.
This module provides a complete AWS Cognito OAuth integration that’s ready to use
with a user pool ID, domain prefix, client ID and client secret. It handles all
the complexity of AWS Cognito’s OAuth flow, token validation, and user management.
Example:
Classes
AWSCognitoProviderSettings
Settings for AWS Cognito OAuth provider.
AWSCognitoTokenVerifier
Token verifier that filters claims to Cognito-specific subset.
Methods:
verify_token
AWSCognitoProvider
Complete AWS Cognito OAuth provider for FastMCP.
This provider makes it trivial to add AWS Cognito OAuth protection to any
FastMCP server using OIDC Discovery. Just provide your Cognito User Pool details,
client credentials, and a base URL, and you’re ready to go.
Features:
- Automatic OIDC Discovery from AWS Cognito User Pool
- Automatic JWT token validation via Cognito’s public keys
- Cognito-specific claim filtering (sub, username, cognito:groups)
- Support for Cognito User Pools
get_token_verifier
algorithm: Optional token verifier algorithmaudience: Optional token verifier audiencerequired_scopes: Optional token verifier required_scopestimeout_seconds: HTTP request timeout in seconds