SAML Single Sign-On (SSO) in AWS Cognito (SP) | Magento – AWS Cognito SSO Login

Log in to AWS Cognito using Magento user credentials. This guide shows how to integrate Magento as a SAML 2.0 Identity Provider (IdP) and AWS Cognito as a Service Provider (SP) using the miniOrange Magento SAML IDP (Identity Provider) Extension. The extension lets you use your Magento credentials to log in to AWS Cognito (SP). The steps below configure SSO between AWS Cognito as SP (Service Provider) and Magento as IdP (Identity Provider).

  • Purchase the miniOrange SAML IDP Single Sign-On extension from the Magento Marketplace.
  • Go to My Profile -> My Purchases.
  • Ensure you are using the correct access keys (My Profile -> Access Keys).
  • Paste the access keys into the auth.json file inside your project.
  • Use the command below to add the extension to your project:
    composer require {module_name}:{version}
  • You can see the module name and the list of versions in the selector below the extension module name.
  • Run the following commands at the command prompt to enable the extension:
    php bin/magento setup:upgrade

  • Download the miniOrange SAML IDP Single Sign-On extension.
  • Unzip all contents of the zip inside the MiniOrange/IDPSaml directory:
    {Root Directory of Magento}/app/code/MiniOrange/IDPSaml
  • Run the following commands at the command prompt to enable the extension:
    php bin/magento setup:upgrade

  • Go to the Amazon Cognito console. You might be prompted for your AWS credentials.
  • Choose an existing user pool from the list, or Create a User Pool.

Configure SAML Identity Provider in your user pool.

  • Go to your User Pool.
  • Navigate to the Sign-In Experience tab.
  • Scroll down to the Federated identity provider sign-in section.
  • Click on Add identity provider (if not already created).
  • Choose SAML as Identity Provider.
  • Enter a name for your Identity provider.
  • Choose your desired method to Upload IDP Metadata.
  • Click on Add identity provider.

Change App client settings for your user pool.

  • In the User Pool, under App integration, go to your configured App Client and scroll down to the Hosted UI section.
  • Click on Edit.
  • On the Hosted UI edit page, do the following:
      • For Callback URL(s), enter a URL where you want your users to be redirected after they log in. For testing, you can enter any valid URL, such as https://www.example.com/.
      • Under Identity providers, select the name provided while configuring the Identity Provider in the previous step and Cognito User Pool from the dropdown.
      • Under OAuth 2.0 grant types, select Authorization code grant and Implicit grant from the dropdown.
  • Click on Save Changes.

  • In the miniOrange IDP (Identity Provider) extension, go to Applications tab.
  • Search for AWS Cognito in the Choose Application search box and select the application.
  • Enter the Application name under SP Name.
  • Now, enter the SP Entity ID or Issuer and ACS URL copied earlier and save the details.
  • Navigate to the Applications tab and click on Metadata settings for the AWS Cognito application
  • Here, you can find the Identity Provider Metadata URL / XML Metadata, or individual endpoints such as the IDP Entity ID, SAML Login URL, SAML Logout URL (Premium Feature) and Certificate. You can also download the IdP Metadata XML file, which will be used for the AWS Cognito server configuration.
  • You now have 3 options to provide the IDP Metadata to the AWS Cognito server: downloading the XML Metadata, using the Metadata URL, or providing the details manually.
  • Option 1 - Download the XML Metadata.
  • Download the XML Metadata by clicking the Download XML Metadata button.
  • Navigate to your AWS Cognito and upload the XML metadata file downloaded and click on the Fetch Metadata button.
  • Option 2 - Provide the details manually to AWS Cognito.
  • Copy the metadata details according to the table below.
    IDP-EntityID / Issuer    | IDP-EntityID / Issuer
    Single Sign On URL       | SAML Login URL / Passive Login URL
    SAML X509 Certificate    | Certificate
  • Navigate to your AWS Cognito and paste the metadata details.
  • In the miniOrange Magento IDP extension, navigate to the Applications tab and click on Edit settings for the AWS Cognito application.
  • Click on the Add Attribute button.
  • Add the attribute name you want to send to your service provider, select the attribute from the dropdown menu, and click on the Save button to save the changes.

    You have successfully configured the SAML SSO between AWS Cognito as SAML SP and Magento as SAML IDP.


