how `cognito` login works

1. User logins with with Microsoft Active Directory Federation Services Single Sign On (SSO), under the hood, the React FE uses aws Cognito Login UI in AppAuth.jsx
2. After the SSO success, the FE cognito knows that this is user logged in and cognito gives JWT Tokens to FE in reactapp/src/App.jsx
3. Then the Apollo JS Framework adds the JWT Token to the header in requests to the backend in reactapp/src/apollo.js
4. backend validates this token in access_token_authentication.py

See also

• Cognito With Federations