Is AWS Cognito the right tool here? - amazon-web-services

There is a mobile app that uses OpenID Connect for SSO. That mobile app is not built with AWS. The developers of that app are asking me to provide my own SSO service with OpenID Connect that they can use for user authentication in that app.
My question is: Is AWS Cognito the right tool to build my own SSO service with OpenID Connect that will suit the case described above?

Yes, it will. Other alternatives are Auth0 and Microsoft Azure AD.

Related

SSO for Salesforce Android app in Google Workspace (as a service provider)

With Google as an identity provider, I am trying to achieve Single Sign-On (SSO) for the Salesforce Android app. I need help choosing the authentication method (e.g. SAML, OAuth 2.0).
Documentation for the authentication methods would be of great help.

I can see you were asking how to download the certificate from the IdP (I am unable to comment on the question, by the way). You can download it from Admin console > Security > Set up Single Sign On for SAML applications and download the certificate your app is using from there.

Connect Zendesk to AWS Cognito for authentication

I have a React application which uses Amplify to connect to an AWS Cognito user pool. I wanted to connect Zendesk to this user pool using SAML, so that any user logged into my React application should automatically get logged into Zendesk.
I went through Zendesk's documentation for SSO and it supports SAML-based authentication. But on the Cognito side, it doesn't support SAML as an Identity Provider.
Can somebody please help me understand the right way of connecting these two applications?

Link/connect Google OIDC external provider with AWS Cognito

Recently I faced a new requirement to link or connect a Google OIDC external provider with AWS Cognito.
Background: my frontend application is running in AWS and integrated with Cognito for users and groups. Due to new requirements I have to connect a client web application (JupyterHub) which is running on GCP VM instances.
My question is: is it compatible or possible to use Google IAP with an external OIDC provider which could link to an AWS Cognito app client and provide the Cognito UI to log in?
Has anyone faced such a situation?
I would appreciate any comments or thoughts on this scenario.
Many thanks
Adam

You can authenticate users with a wide range of identity providers such as OIDC and more by combining IAP and Identity Platform.
Identity Platform can be used to sign in users with an OpenID Connect (OIDC) provider.

AWS API Gateway auth with Chrome extension

Is there any possibility to use a Chrome (Google) identity to authenticate to AWS API Gateway?
I know that AWS Cognito supports Google as an external federated identity provider. However, when creating an OAuth client within the Google Developers console for my Chrome App, only a ClientID is generated. An app secret is available for web apps, mobile..., but not Chrome App.
Thank you for any advice.
Regards,
Robert

Using custom OpenIDConnect provider with AWS MobileHub

I am building an iOS app and was looking into AWS MobileHub... I am trying to set up sign-in using AWS Cognito. I have configured the identity pool with my custom OpenID Connect provider (I built my own with IdentityServer), but when I configure sign-in using MobileHub it only gives me the option to use Facebook, Google, Twitter (coming soon), or a custom authentication backend (NOT OpenID)... Am I missing something or is this not supported yet with MobileHub?

Mobile Hub does not currently support OpenID Connect providers. However, because you have configured your Cognito identity pool to support OpenID, you can use the AWS SDK directly to handle authentication. This blog post should help:
https://blogs.aws.amazon.com/security/post/Tx3LP54JOGBE0AY/Building-an-App-using-Amazon-Cognito-and-an-OpenID-Connect-Identity-Provider