aws-amplify · renebrandel · May 20, 2024 · May 16, 2024 · lawmicha · May 16, 2024
@@ -164,6 +164,8 @@ const schema = a.schema({
 
 On the client side, make sure to always authenticate with the corresponding authorization mode.
 
+<InlineFilter filters={["javascript", "angular", "react-native", "react", "nextjs", "vue", "android", "flutter"]}>
+
 ```ts
 import { generateClient } from 'aws-amplify/data'
 import type { Schema } from '@/amplify/data/resource' // Path to your backend resource definition
@@ -184,6 +186,38 @@ const { data: listPostsResult , errors } = await client.models.Post.list({
 });
 ```
 
+</InlineFilter>
+
+<InlineFilter filters={["swift"]}>
+
+Creating a post is restricted to Cognito User Pools.
+
+```swift
+do {
+    let post = Post(title: "Hello World")
+    let createdTodo = try await Amplify.API.mutate(request: .create(
+        post,
+        authMode: .amazonCognitoUserPools)).get()
+} catch {
+    print("Failed to create post", error)
+}
+```
+
+Listing posts is available to unauthenticated users (verified by Amazon Cognito identity pool's unauthenticated role)
+
+```swift
+do {
+    let queriedPosts = try await Amplify.API.query(request: .list(
+        Post.self,
+        authMode: .awsIAM)).get()
+    print("Number of posts:", queriedPosts.count)
+} catch {
+    print("Failed to list posts", error)
+}
+```
+
+</InlineFilter>
+
 ## Learn more about specific authorization strategies
 
 <Overview childPageNodes={props.childPageNodes} />

@@ -41,11 +41,14 @@ const schema = a.schema({
   Todo: a
     .model({
       content: a.string(),
+      owners: a.string().array(),
     })
     .authorization(allow => [allow.ownersDefinedIn('owners')]),
 });
 ```
 
+<InlineFilter filters={["javascript", "angular", "react-native", "react", "nextjs", "vue", "android", "flutter"]}>
+
 In your application, you can perform CRUD operations against the model using `client.models.<model-name>` with the `userPool` auth mode.
 
 ```ts
@@ -66,8 +69,10 @@ const { errors, data: newTodo } = await client.models.Todo.create(
   // highlight-end
 );
 ```
+
+Add another user as an owner
+
 ```ts
-// Add another user as an owner
 await client.models.Todo.update(
   {
     id: newTodo.id,
@@ -81,6 +86,38 @@ await client.models.Todo.update(
 );
 ```
 
+</InlineFilter>
+
+<InlineFilter filters={["swift"]}>
+
+In your application, you can perform CRUD operations against the model with the `amazonCognitoUserPools` auth mode.
+
+```swift
+do {
+    let todo = Todo(content: "My new todo")
+    let createdTodo = try await Amplify.API.mutate(request: .create(
+        todo,
+        authMode: .amazonCognitoUserPools)).get()
+} catch {
+    print("Failed to create todo", error)
+}
+```
+
+Add another user as an owner
+
+```swift
+do {
+    createdTodo.owners?.append(otherUserId)
+    let updatedTodo = try await Amplify.API.mutate(request: .update(
+        createdTodo,
+        authMode: .amazonCognitoUserPools)).get()
+} catch {
+    print("Failed to update todo", error)
+}
+```
+
+</InlineFilter>
+
 ## Override to a list of owners
 
 You can override the `inField` to a list of owners. Use this if you want a dynamic set of users to have access to a record. In the example below, the `authors` list is populated with the creator of the record upon record creation. The creator can then update the `authors` field with additional users. Any user listed in the `authors` field can access the record.

@@ -36,7 +36,6 @@ The `owner` authorization strategy restricts operations on a record to only the
 
 You can use the `owner` authorization strategy to restrict a record's access to a specific user. When `owner` authorization is configured, only the record's `owner` is allowed the specified operations.
 
-
 ```ts title="amplify/data/resource.ts"
 // The "owner" of a Todo is allowed to create, read, update, and delete their own todos
 const schema = a.schema({
@@ -60,6 +59,8 @@ const schema = a.schema({
 });
 ```
 
+<InlineFilter filters={["javascript", "angular", "react-native", "react", "nextjs", "vue", "android", "flutter"]}>
+
 In your application, you can perform CRUD operations against the model using `client.models.<model-name>` with the `userPool` auth mode.
 
 ```ts
@@ -79,6 +80,23 @@ const { errors, data: newTodo } = await client.models.Todo.create(
   // highlight-end
 );
 ```
+</InlineFilter>
+
+<InlineFilter filters={["swift"]}>
+
+In your application, you can perform CRUD operations against the model with the `amazonCognitoUserPools` auth mode.
+
+```swift
+do {
+    let todo = Todo(content: "My new todo")
+    let createdTodo = try await Amplify.API.mutate(request: .create(
+        todo,
+        authMode: .amazonCognitoUserPools)).get()
+} catch {
+    print("Failed to create todo", error)
+}
+```
+</InlineFilter>
 
 Behind the scenes, Amplify will automatically add a `owner: a.string()` field to each record which contains the record owner's identity information upon record creation.
 

@@ -45,6 +45,8 @@ const schema = a.schema({
 });
 ```
 
+<InlineFilter filters={["javascript", "angular", "react-native", "react", "nextjs", "vue", "android", "flutter"]}>
+
 In your application, you can perform CRUD operations against the model using `client.models.<model-name>` by specifying the `apiKey` auth mode.
 
 ```ts
@@ -65,6 +67,25 @@ const { errors, data: newTodo } = await client.models.Todo.create(
 );
 ```
 
+</InlineFilter>
+
+<InlineFilter filters={["swift"]}>
+
+In your application, you can perform CRUD operations against the model by specifying the `apiKey` auth mode.
+
+```swift
+do {
+    let todo = Todo(content: "My new todo")
+    let createdTodo = try await Amplify.API.mutate(request: .create(
+        todo,
+        authMode: .apiKey)).get()
+} catch {
+    print("Failed to create todo", error)
+}
+```
+
+</InlineFilter>
+
 ## Add public authorization rule using Amazon Cognito identity pool's unauthenticated role
 
 You can also override the authorization provider. In the example below, `identityPool` is specified as the provider which allows you to use an "Unauthenticated Role" from the Cognito identity pool for public access instead of an API key. Your Auth resources defined in `amplify/auth/resource.ts` generates scoped down IAM policies for the "Unauthenticated role" in the Cognito identity pool automatically.
@@ -79,6 +100,8 @@ const schema = a.schema({
 });
 ```
 
+<InlineFilter filters={["javascript", "angular", "react-native", "react", "nextjs", "vue", "android", "flutter"]}>
+
 In your application, you can perform CRUD operations against the model using `client.models.<model-name>` with the `identityPool` auth mode.
 
 <Callout info>
@@ -123,3 +146,22 @@ const { errors, data: newTodo } = await client.models.Todo.create(
   // highlight-end
 );
 ```
+
+</InlineFilter>
+
+<InlineFilter filters={["swift"]}>
+
+In your application, you can perform CRUD operations against the model with the `awsIAM` auth mode.
+
+```swift
+do {
+    let todo = Todo(content: "My new todo")
+    let createdTodo = try await Amplify.API.mutate(request: .create(
+        todo,
+        authMode: .awsIAM)).get()
+} catch {
+    print("Failed to create todo", error)
+}
+```
+
+</InlineFilter>
@@ -51,6 +51,8 @@ const schema = a.schema({
 });
 ```
 
+<InlineFilter filters={["javascript", "angular", "react-native", "react", "nextjs", "vue", "android", "flutter"]}>
+
 In your application, you can perform CRUD operations against the model using `client.models.<model-name>` with the `userPool` auth mode.
 
 ```ts
@@ -70,6 +72,24 @@ const { errors, data: newTodo } = await client.models.Todo.create(
   // highlight-end
 );
 ```
+</InlineFilter>
+
+<InlineFilter filters={["swift"]}>
+
+In your application, you can perform CRUD operations against the model with the `amazonCognitoUserPools` auth mode.
+
+```swift
+do {
+    let todo = Todo(content: "My new todo")
+    let createdTodo = try await Amplify.API.mutate(request: .create(
+        todo,
+        authMode: .amazonCognitoUserPools)).get()
+} catch {
+    print("Failed to create todo", error) 
+}
+```
+
+</InlineFilter>
 
 ## Use identity pool for signed-in user authentication
 
@@ -86,6 +106,8 @@ const schema = a.schema({
 });
 ```
 
+<InlineFilter filters={["javascript", "angular", "react-native", "react", "nextjs", "vue", "android", "flutter"]}>
+
 In your application, you can perform CRUD operations against the model using `client.models.<model-name>` with the `iam` auth mode.
 
 <Callout info>
@@ -109,5 +131,26 @@ const { errors, data: newTodo } = await client.models.Todo.create(
   // highlight-end
 );
 ```
+</InlineFilter>
+
+<InlineFilter filters={["swift"]}>
+
+In your application, you can perform CRUD operations against the model with the `awsIAM` auth mode.
+
+<Callout info>
+ The user must be logged in for the Amplify Library to use the authenticated role from your Cognito identity pool.
+</Callout>
+
+```swift
+do {
+    let todo = Todo(content: "My new todo")
+    let createdTodo = try await Amplify.API.mutate(request: .create(
+        todo,
+        authMode: .awsIAM)).get()
+} catch {
+    print("Failed to create todo", error)
+}
+```
+</InlineFilter>
 
 In addition, you can also use OpenID Connect with `authenticated` authorization. See [OpenID Connect as an authorization provider](/[platform]/build-a-backend/data/customize-authz/using-oidc-authorization-provider/).
@@ -47,6 +47,8 @@ const schema = a.schema({
 });
 ```
 
+<InlineFilter filters={["javascript", "angular", "react-native", "react", "nextjs", "vue", "android", "flutter"]}>
+
 In your application, you can perform CRUD operations against the model using `client.models.<model-name>` with the `userPool` auth mode.
 
 ```ts
@@ -69,6 +71,27 @@ const { errors, data: newSalary } = await client.models.Salary.create(
 );
 ```
 
+</InlineFilter>
+
+<InlineFilter filters={["swift"]}>
+
+In your application, you can perform CRUD operations against the model with the `amazonCognitoUserPools` auth mode.
+
+```swift
+do {
+    let salary = Salary(
+        wage: 50.25,
+        currency: "USD")
+    let createdSalary = try await Amplify.API.mutate(request: .create(
+        salary,
+        authMode: .amazonCognitoUserPools)).get()
+} catch {
+    print("Failed to create salary", error)
+}
+```
+
+</InlineFilter>
+
 This can then be updated to allow access to multiple defined groups; in this example below we added access for "Leadership".
 
 ```ts