OAuth Single Sign-On (SSO) For DotNetNuke Sites Using AWS Cognito As OAuth Provider

DNN OAuth Single Sign-On (SSO) module gives the ability to enable OAuth Single Sign-On for your DotNetNuke site. Using Single Sign-On you can use only one password to access your DotNetNuke site and services. Our module is compatible with all the OAuth compliant Identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between DNN and AWS Cognito considering AWS Cognito as OAuth Provider.

Download and install module in DotNetNuke

  • Download the DNN OAuth Single Sign-On module using the link above.
  • Extract the package and upload the extension dnn-oauth-single-sign-on_xxx_Install by going to Settings > Extension > Install Extension.

Step 1: Adding Module on DNN page

  • Open any page on your DNN site (Edit mode) and click on Add Module.
  • Search for oauthclientsso and click on the oauthclientsso. Drag and drop the module on the page where you want.
  • You have finished installing the module on your DNN site.
  • If you want to add the module on every page of your DNN site, go to Module Settings >> Module Settings >> Advanced Settings.
  • Check the box for Display Module on All Pages and click on Update.

Step 2: Configure AWS Cognito as OAuth Provider

  • Go to Module Settings >> oauthclientsso Settings
  • You can see the OAuth / OpenID providers list.
  • Search for your OAuth Provider application, 'AWS Cognito', here, or click on it in the list of applications.
  • If your application/server name is not in the default list, you can click on Custom OAuth 2.0 App or Custom OpenID Connect App to add a custom OAuth/OpenID Connect server.
  • Note: For applications in the default list, endpoints and scopes are auto-filled, but you can change them if required.
  • To configure the OAuth Provider application, go to the Amazon Console and sign up or log in to your account to configure AWS Cognito.
  • Search for Cognito in the AWS Services search bar.
  • Click on the Manage User Pools button to see the list of your user pools.
  • Click on Create a user pool to create a new user pool.
  • Add a Pool Name and click on the Review Defaults button to continue.
  • Scroll down and click on the Add App Client option in front of App Clients.
  • Click on Add an App Client. Enter an App Client Name and click on Create app client to create an App client.
  • Click on Return to Pool Details to come back to your configuration.
  • Click on Create Pool button to save your settings and create a user pool.
  • In the navigation bar present on the left side, click on the App Client Settings option under the App Integration menu.
  • Enable Cognito user pool as the Identity provider and enter the Callback/Redirect URL, which you will get from miniOrange ASP.NET OAuth Client, in the CallBack URLs text-field. Select the Authorization code grant checkbox under Allowed OAuth Flows, and select the openid and profile checkboxes under Allowed OAuth Scopes. Click on the Save Changes button to save your configuration.
  • Click on Choose Domain Name option to set a domain name for your app.
  • Enter your Domain Name under the Domain Prefix text-field and click on the Save Changes button to save your domain name.
  • Click on App Clients option under the General Settings menu in the left side navigation bar. Then, click on the Show Details button to see your App details like Client ID, Client secret etc.
  • Copy the Client App ID and Client App Secret text field values which you will require in Step 3 to configure miniOrange ASP.NET OAuth Client.
  • Click on Users and groups option under the General Settings menu in the left side navigation bar. Then, click on the Create user button to add a new user.
  • Fill in all the required details and click on Create user.
  • You can see the new user created.

    AWS Cognito Endpoints and Scope:

    Client ID: the Client App ID copied from the App Clients details above
    Client Secret: the Client App Secret copied from the App Clients details above
    Scope: openid
    Authorize Endpoint: https://<cognito-app-domain>/oauth2/authorize
    Access Token Endpoint: https://<cognito-app-domain>/oauth2/token
    Get User Info Endpoint: https://<cognito-app-domain>/oauth2/userInfo
    Custom redirect URL after logout [optional]: https://<cognito-app-domain>/logout?client_id=<Client-ID>&logout_uri=<Sign out URL configured in Cognito Portal>
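
The authorization code exchange that these endpoint settings drive, sketched as an added example; it is not the miniOrange module's code. The Cognito domain, client ID, client secret and callback URL are constructed placeholders, and the function names are hypothetical.

```python
import base64
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed placeholders, not values from the page: use your own pool's.
COGNITO_DOMAIN = "example-prefix.auth.us-east-1.amazoncognito.com"
CLIENT_ID = "EXAMPLE_CLIENT_ID"
CLIENT_SECRET = "EXAMPLE_CLIENT_SECRET"
REDIRECT_URI = "https://dnn.example.com/oauth/callback"  # hypothetical


def build_authorize_url(state, scope="openid"):
    """Browser redirect to the Authorize Endpoint (authorization code grant)."""
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,  # must equal a Callback URL saved in Cognito
        "scope": scope,
        "state": state,  # unguessable per-login value kept in the user's session
    })
    return f"https://{COGNITO_DOMAIN}/oauth2/authorize?{query}"


def parse_callback(callback_url, expected_state):
    """Return the authorization code, rejecting errors and mismatched state."""
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        raise ValueError("provider error: " + params["error"][0])
    state = params.get("state", [""])[0]
    if not expected_state or not hmac.compare_digest(
            state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response does not belong to this login")
    code = params.get("code", [""])[0]
    if not code:
        raise ValueError("callback carries no authorization code")
    return code


def build_token_request(code):
    """Server-side POST for the Access Token Endpoint (built here, not sent)."""
    basic = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
    return {
        "url": f"https://{COGNITO_DOMAIN}/oauth2/token",
        "headers": {
            "Authorization": "Basic " + basic,  # secret never reaches the browser
            "Content-Type": "application/x-www-form-urlencoded",
        },
        "body": urlencode({"grant_type": "authorization_code", "code": code,
                           "redirect_uri": REDIRECT_URI}),
    }
```

A callback whose state does not match the value stored for the session is discarded before any token request is built, so an authorization code injected by a third party is never redeemed.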

Step 3: Test Configuration

  • After saving settings, you can see the list of applications you have configured.
  • Click on Edit to update the configuration.
  • Click on Test Configuration to check if the configuration is correct.
  • On successful configuration, you will see the Attribute Names and Attribute Values in the Test Configuration window.

Step 4: Mapping the basic attributes

  • Go to the oauthclientsso settings >> Advanced Settings >> Attribute Mapping.
  • Map email and username to the Attribute Names you see in the Test Configuration window.

Step 5: Adding widget

  • To add the widget, go to Add Widget.
  • Click on Add Widget button. A button will be added on the DNN page.

    You can configure the ASP.NET SAML 2.0 Single Sign-On (SSO) module with any Identity Provider such as ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta, OneLogin, Salesforce, AWS Cognito, OpenAM, Oracle, PingFederate, PingOne, RSA SecureID, Shibboleth-2, Shibboleth-3, SimpleSAML, WSO2 or even with your own custom identity provider.
