When you enable Login with Amazon for your app, you supply a redirect URL that Amazon calls after the user logs in. Amazon passes the access token as a parameter in the redirect URL, which you then extract and use in Step 2. In this app, the redirect URL is this website.
When you sign in with Google, you specify a callback function that executes after the user signs in. The callback function takes an object as input, and the object consists of several parameters. Most importantly, it contains the id token.
When you sign in with Facebook, it will trigger an event and you will receive an object that contains the access token. You can take this access token and proceed with Step 2.
Step 2 - Obtain Temporary Security Credentials
Now that you have an id token, you can obtain temporary security credentials by making an AssumeRoleWithWebIdentity request. You will assume a role that we created for you, shown in Step 3. Learn more.
Step 3 - Access AWS Resource
You can now make calls to AWS resources using your temporary security credentials (Secret Access Key, Access Key ID, and Session Token), with permissions defined by the Access Policy below.
Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved. Licensed under the AWS Customer Agreement (the "License"). You may not use this application except in compliance with the License. A copy of the License is located at http://aws.amazon.com/agreement/ or in the "license" file accompanying this application. This application is provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.