Description
Is this related to a new or existing framework?
React
Is this related to a new or existing API?
GraphQL API
Is this related to another service?
No response
Describe the feature you'd like to request
It is currently not possible to import only the Auth component of amplify_outputs.json for unauthenticated users for the purpose of hiding backend configuration Data, specifically Active Directory groups provided by a 3rd party OIDC provider that are considered private by the entity serving the authentication.
Importing the whole .json leads to the backend schema details being in the js for unauthenticated users. I would like to be able to import only the component needed for unauthenticated users to login, "Auth". There is no reason for unauthenticated clients to be given the Data information at all.
Describe the solution you'd like
Seems like this should work:
// Dynamically import only when needed
(async () => {
const outputs = await import("../amplify_outputs.json");
Amplify.configure(outputs.default ? outputs.default.auth : outputs.auth);
Describe alternatives you've considered
The only way to work around this issue on the user side seems to be creating a separate amplify_authonly_outputs.json, including this in my source code, and importing it at main.tsx instead of the amplify_outputs.json file. This seems like a "hackish" workaround and also means I have to manually track sandbox vs production versions of this file.
Additional context
Hiding database authorization configuration details from unauthenticated users seems like a basic security feature.
Is this something that you'd be interested in working on?
- 👋 I may be able to implement this feature request
-
⚠️ This feature might incur a breaking change