This guide helps you configure AWS Cognito as the Service Provider (SP) and Drupal as the Identity Provider (IDP).
Step 1: Download Metadata XML file from IdP
- Go to the IDP METADATA tab. Click the Download XML Metadata button. Keep this XML file to configure your SP.
Step 2: Configure AWS Cognito
- First, go to the Cognito Console and sign up or log in to your account to configure AWS Cognito.
- Go to Services > Security, Identity, & Compliance > Cognito.
- Click Manage User Pools, then Create a user pool.
- Enter a name for the Pool Name. Click Review Defaults, then Create Pool.
- On the left side, select Domain name.
- Enter an available domain prefix, then save it.
- On the left side, choose Identity provider.
- Select SAML.
- Upload the Drupal IDP metadata file downloaded in Step 1, name it, then click Create Provider.
- Under Federation, select Attribute mapping.
- Add the required email attribute and any additional user attributes.
- Click Save changes.
Step 3: Configuring Drupal as Identity Provider (IDP)
- In the miniOrange Drupal SAML IDP module, go to the Service Provider tab.
- In the SP Entity ID field, enter urn:amazon:cognito:sp:(YourUserPoolId)
- Replace “YourUserPoolId” with your Amazon Cognito user pool ID.
- To find the User Pool ID:
  - Log in to the AWS Management Console as an administrator.
  - Go to Services > Security, Identity, & Compliance, then select Cognito.
  - Select Manage User Pools, then the user pool you want to use in the configuration.
  - Find Pool Id at the top of the list.
- In the ACS URL field, enter: https://YourSubdomain.amazoncognito.com/saml2/idpresponse and save it.
- Now you have successfully configured miniOrange Drupal SAML IDP with AWS Cognito as SP.
Congratulations, you have successfully configured the miniOrange Drupal SAML SSO plugin.
If you are looking for anything that you cannot find, please drop us an email at email@example.com