Search Results :

×

Single Sign-On into AWS Cognito using WordPress as OAuth Server | AWS Cognito SSO


Get Free Trial

WordPress OAuth Server plugin enables AWS Cognito Single Sign-On (SSO) using your WordPress username and password. Once you configure the AWS Cognito with WordPress OAuth Server plugin, you can login to your AWS Cognito using WordPress credentials. OAuth Server plugin also allows you to send custom WordPress user attributes to your AWS Cognito as per your requirements. To know more about other features we provide in WordPress OAuth Server plugin, you can click here.

Download And Installation

  • Log into your WordPress instance as an admin.
  • Go to the WordPress Dashboard -> Plugins and click on Add New.
  • Search for a WordPress OAuth Server Single Sign-On (SSO) plugin and click on Install Now.
  • Once installed click on Activate.

Steps to configure WordPress Login into AWS Cognito Single Sign-On (SSO)

1. Setup WordPress as OpenID Connect Server

  • Go to miniOrange OAuth Server plugin on the left side menu and choose your OpenID Connect client from the list, Here Custom OpenID Connect.
  • OAuth server Single Sign-On (SSO) WordPress-  add client
  • Enter Client name as you want. Enter the Redirect / Callback URL like (https://Your-cognito-app-domain/oauth2/idpresponse) from AWS Cognito and enter under Redirect URI field. Click on Save client button.
  • OAuth server Single Sign-On (SSO) WordPress- cognito Authorized Redirect URI
  • Note down Client ID, Client Secret, and Discovery Endpoint to configure in your OpenID Connect Client.
  • OAuth server Single Sign-On (SSO) WordPress- cognito configuration

2. Setup AWS Cognito as OpenID Connect Client

  • First of all, go to Amazon Console and sign up/login in your account to Configure AWS Cognito.
  • AWS Cognito Single Sign-On (SSO) - Login to Amazon Console
  • Search for Cognito in the AWS Services search bar as shown below.
  • AWS Cognito Single Sign-On (SSO) - Search for AWS Cognito
  • Click on Mange User Pools button to see the list of your user pools.
  • AWS Cognito Single Sign-On (SSO) - AWS Cognito User Pools
  • Click on Create a user pool to create a new user pool.
  • AWS Cognito Single Sign-On (SSO) - Create New AWS Cognito Pool
  • Add a Pool Name and click on the Review Defaults button to continue.
  • AWS Cognito Single Sign-On (SSO) - Name your AWS Cognito User Pool
  • In the navigation bar present on the left side, click on Identity providers option and select the OpenId Connect.
  • AWS Cognito Single Sign-On (SSO) - Name your AWS Cognito User Pool
  • Provide the necessary details, such as provider name, Client ID, Client Secret, Scope, and Issuer Endpoint. Paste the Discovery Endpoint (which is available in our premium plugin version) from miniOrange OAuth Server plugin under Issuer. Click on the Run discovery button and then Create Provider.
  • Client ID : Click Here
    Client Secret : Click Here
    Issuer Endpoint : //<your domain>/wp-json/moserver/<client-id>
    Scope : openid profile email
    AWS Cognito Single Sign-On (SSO) - click on save
  • Scroll down and click on Configure Attribute Mapping option.
  • AWS Cognito Single Sign-On (SSO) - attribute mapping
  • Add the OIDC attribute and User pool attribute by clicking on Add OIDC attribute option. Click on Save Chnages button.
  • AWS Cognito Single Sign-On (SSO) - add oidc attribute
  • click on “App client” & then again click on Add an app client.
  • AWS Cognito Single Sign-On (SSO) - AWS Cognito App Client AWS Cognito Single Sign-On (SSO) - AWS Cognito App Client
  • Enter an App Client Name and click on Create app client to create an App client.
  • AWS Cognito Single Sign-On (SSO) - Create App Client AWS Cognito Single Sign-On (SSO) - Create App Client
  • Go to domain name and enter a domain name for your app. After adding domain name you can check its availability by clicking on “Check availability” button. After entering valid domain name click ”Save changes” button.
  • AWS Cognito Single Sign-On (SSO) - AWS Cognito Domain Name
  • In the navigation bar present on the left side, click on the App Client Settings option under the App Integration menu.
  • AWS Cognito Single Sign-On (SSO) - AWS Cognito  client setting
  • Enable Identity provider as Select all and enter your Callback/Redirect URL which you will get from your miniOrange plugin present on your Server side under the CallBack URLs text-field. Select Authorization code grant checkbox under the Allowed OAuth Flows and also select openid and profile checkboxes under the Allowed OAuth Scopes option (Please refer to the image below). Click on the Save Changes button to save your configurations.
  • AWS Cognito Single Sign-On (SSO) - server callback url
  • Scroll down and click on Launch Hosted UI option and click on login button.
  • AWS Cognito Single Sign-On (SSO) - AWS Cognito hosted url AWS Cognito Single Sign-On (SSO) - AWS Cognito App Clienlogin buttont

You have successfully configured AWS Cognito as OAuth Client for for achieving AWS Cognito Single Sign-On (SSO) with WordPress for user authentication.

In this Guide, you have successfully configured AWS Cognito Single Sign-On (SSO) with WordPress as OAuth Provider and AWS Cognito as OpenID Connect Client using our WP OAuth Server plugin. This solution ensures that you are ready to roll out secure access to your AWS Cognito application using WordPress site credentials within minutes.

Additional Resources


Need Help?

Mail us on oauthsupport@xecurify.com for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com