Choose your framework/language

v0v1
Edit on GitHub

Page updated Nov 8, 2023

Escape hatch

As an alternative to the Amplify client libraries, or in situations where the libraries do not provide the functionality you require, the underlying AWS services can be communicated with directly using an HTTP client and the AWS Signature V4 (SigV4) package.

Using the Signer

To get started using the signer, add it as a dependency in your pubspec.yaml like the following:

1dependencies:
2  aws_common: ^0.4.0
3  aws_signature_v4: ^0.3.0

After that create an instance of the signer in your project.

1import 'package:aws_signature_v4/aws_signature_v4.dart';
2

3const signer = AWSSigV4Signer();

AWS credentials are configured in the signer by overriding the credentialsProvider parameter of the constructor. By default, the signer pulls credentials from your environment via the AWSCredentialsProvider.environment() provider. On mobile and web, this means using the Dart environment which is configured by passing the dart-define flag to your flutter commands, like the following:

1$ flutter run --dart-define=AWS_ACCESS_KEY_ID=... --dart-define=AWS_SECRET_ACCESS_KEY=...

On Desktop, credentials are retrieved from the system's environment using Platform.environment.

Signing a Request

The signer works by transforming HTTP requests using your credentials to create signed HTTP requests which can be sent off in the same way as normal HTTP requests.

As an example, here's how you would sign a request to Cognito to gather information about a User Pool.

1import 'dart:convert';
2

3import 'package:aws_common/aws_common.dart';
4import 'package:aws_signature_v4/aws_signature_v4.dart';
5

6// Create the signer instance with credentials from the environment.
7const AWSSigV4Signer signer = AWSSigV4Signer(
8  credentialsProvider: AWSCredentialsProvider.environment(),
9);
10

11// Create the signing scope and HTTP request
12const region = '<YOUR-REGION>';
13

14Future<void> main() async {
15  final scope = AWSCredentialScope(
16    region: region,
17    service: AWSService.cognitoIdentityProvider,
18  );
19

20  final request = AWSHttpRequest(
21    method: AWSHttpMethod.post,
22    uri: Uri.https('cognito-idp.$region.amazonaws.com', '/'),
23    headers: const {
24      AWSHeaders.target: 'AWSCognitoIdentityProviderService.DescribeUserPool',
25      AWSHeaders.contentType: 'application/x-amz-json-1.1',
26    },
27    body: json.encode({
28      'UserPoolId': '<YOUR-USER-POOL-ID>',
29    }).codeUnits,
30  );
31

32  // Sign and send the HTTP request
33  final signedRequest = await signer.sign(
34    request,
35    credentialScope: scope,
36  );
37  final resp = await signedRequest.send();
38  final respBody = await resp.decodeBody();
39  safePrint(respBody);
40}

For a full example, check out the example project in the GitHub repo. And for specifics on the different AWS operations you can perform, check out the AWS API Reference docs for the service. For example, here are the docs for the DescribeUserPool API used above.

PREVIOUS
Platform setup
NEXT
Upgrade guide
Site color mode

Amplify open source software, documentation and community are supported by Amazon Web Services.

© 2024, Amazon Web Services, Inc. and its affiliates.

All rights reserved. View the site terms and privacy policy.

Flutter and the related logo are trademarks of Google LLC. We are not endorsed by or affiliated with Google LLC.