Setup Guide for AWS Cognito App

Step 1: Setup AWS Cognito as OAuth Provider

  • Sign in to your AWS account.
  • Enter “Cognito” in the search box and select Cognito from the dropdown.
  • Go to “Manage your user pools”
  • Click on “Create a user pool”
  • Add pool name and select “Review Defaults”.
  • Click on “Add app client” & then click on Add an app client
  • Enter App client name & then Click on “Create app client”.
  • Click on Return to pool details. After this click on “Create Pool”.
  • Navigate to App client settings.
    • Select “Cognito User Pool”, add callback URL. You will get this callback URL from the plugin.
    • Add your application's home page URL as the Sign out URL.
    • Also, select Authorization code grant as “Allowed OAuth Flows” & select OpenID as “Allowed OAuth Scopes”.
    • After selecting all details click on Save changes button.
  • Go to “App client” and click on “Show details” to get a client ID and client secret.
  • Go to Domain name and enter a domain name for your app. After adding the domain name, you can check its availability by clicking the “Check availability” button. After entering a valid domain name, click the “Save changes” button.
  • Complete domain name: The complete domain name that you need to enter in plugin is {your domain name}.auth.{region name}.amazoncognito.com
  • Add Users / Groups to Cognito App : Go to Users and groups and then click on Users. After this click on Create user.
  • Fill in all required information and click on Create user.
  • Click on Groups and then click on Create group.
  • Fill in all required information and click on Create group.
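
How the values collected above (complete domain name, client ID, client secret, callback URL) fit together in the Authorization code grant with the openid scope, as an added example that is not part of the original guide or the plugin's code. The domain prefix, region, client credentials and callback URL are constructed placeholders; the code only builds the requests and checks the callback, it sends nothing.

```python
import base64
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed placeholder values; substitute the ones from your own user pool.
DOMAIN_PREFIX = "example-app"
REGION = "us-east-1"
CLIENT_ID = "EXAMPLE_CLIENT_ID"
CLIENT_SECRET = "EXAMPLE_CLIENT_SECRET"
CALLBACK_URL = "https://app.example.com/callback"

def cognito_domain(prefix, region):
    """Complete domain name in the form given in the guide."""
    return f"{prefix}.auth.{region}.amazoncognito.com"

def build_authorize_url(domain, client_id, callback_url):
    """Return (url, state) for the Authorization code grant, openid scope."""
    state = secrets.token_urlsafe(32)  # unguessable, ties the response to this login
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": callback_url,  # must equal the callback URL saved on the app client
        "scope": "openid",
        "state": state,
    })
    return f"https://{domain}/oauth2/authorize?{query}", state

def handle_callback(redirected_to, expected_state):
    """Return the authorization code; reject a missing or mismatched state."""
    params = parse_qs(urlparse(redirected_to).query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response not tied to this login attempt")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return params["code"][0]

def build_token_request(domain, client_id, client_secret, callback_url, code):
    """Return (url, headers, body); the client secret travels in HTTP Basic, never in a URL."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": f"Basic {basic}",
               "Content-Type": "application/x-www-form-urlencoded"}
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": callback_url})
    return f"https://{domain}/oauth2/token", headers, body
```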