Search Results :

×

Hubspot Single Sign-On (SSO) using AWS Cognito as Identity Provider

Hubspot Single Sign-On (SSO) using AWS Cognito as Identity Provider


miniOrange Hubspot OAuth Single Sign-On (SSO) application enables secure login into Hubspot CMS landing pages, blogs and other pages using AWS Cognito as OAuth provider. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, etc.

Here we will go through a guide to configure SSO between Hubspot and AWS Cognito. By the end of this guide, users should be able to login to Hubspot from AWS Cognito. To know more about miniOrange Hubspot OAuth Single Sign-On plugin and other Hubspot Integrations, you can click here.

Feel free to contact us at hubspotsupport@xecurify.com to know more about how to install the miniOrange Hubspot OAuth Single Sign-On app.


Download And Installation

  • Log into your Hubspot account as an admin.
  • Click here to install miniOrange Hubspot OAuth Single Sign-On (SSO) app.

Steps to configure Hubspot Single Sign-On (SSO) Login with AWS Cognito as Identity Provider

1. Setup AWS Cognito as OAuth Provider

  • First of all, go to Amazon Console and sign up/login in your account to Configure AWS Cognito.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- Login to Amazon Console
  • Search for Cognito in the AWS Services search bar as shown below.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- Search for AWS Cognito
  • Click on Mange User Pools button to see the list of your user pools.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito User Pools
  • Click on Create a user pool to create a new user pool.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- Create New AWS Cognito Pool
  • Add a Pool Name and click on the Review Defaults button to continue.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- Name your AWS Cognito User Pool
  • Scroll down and click on “Add app client” & then again click on Add an app client.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito App Client AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito App Client
  • Enter an App Client Name and click on Create app client to create an App client.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- Create App Client AWS Cognito Single Sign-On (SSO)  for Hubspot- Create App Client
  • Click on Return to Pool Details to come back to your configuration.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito Pool
  • Click on Create Pool button to save your settings and create a user pool.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- Save AWS Cognito Pool
  • In the navigation bar present on the left side, click on the App Client Settings option under the App Integration menu.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito App Details
  • Enable Identity provider as Cognito user pool and enter your Callback/Redirect URL which you will get from your miniOrange plugin present on your Client side under the CallBack URLs text-field. Select Authorization code grant checkbox under the Allowed OAuth Flows and also select openid and profile checkboxes under the Allowed OAuth Scopes option (Please refer to the image below). Click on the Save Changes button to save your configurations.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito App Client
  • Click on Choose Domain Name option to set a domain name for your app.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito Domain Names
  • Go to domain name and enter a domain name for your app. After adding domain name you can check its availability by clicking on “Check availability” button. After entering valid domain name click ”Save changes” button.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito Domain Name
  • Complete domain name: Copy the complete domain name {your domain name}.auth.{region name}.amazoncognito.com. You need to enter this into the endpoints field under <cognito-app-domain> in the miniOrange Single Sign-On (SSO) app.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- AWS Cognito Domain Name
  • Go to “App client” and click on “Show details” to get a client ID and client secret. (Keep client ID and client secret handy as you will need it later.)
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- Client Details
  • Click on Users and groups option under the General Settings menu in the left side navigation bar. Then, click on the Create user button to add a new user.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- App New User Creation
  • Fill all the required details and click on Create user.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- Client Configuration
  • You can see the new user created.
  • AWS Cognito Single Sign-On (SSO)  for Hubspot- App Client Configuration

2. Setup Hubspot as OAuth Client

  • Install the miniOrange Single Sign-On (SSO) app on your hubspot account and Click on Connect App.
  • Enable Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider
  • You will see the following screen where you need to fill in the endpoint details:
  • Enable Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider
  • Enter the Client ID, Client Secret scope and the Endpoint URLs in the plugin.(Refer to the below table)

    Client ID Click Here
    Client Secret Click Here
    Scope openid
    Authorize Endpoint: https://<cognito-app-domain>/oauth2/authorize
    Access Token Endpoint: https://<cognito-app-domain>/oauth2/token
    Get User Info Endpoint: https://<cognito-app-domain>/oauth2/userInfo
    Custom redirect URL after logout:[optional] https://<cognito-app-domain>/logout?client_id=<Client-ID>&logout_uri=<Sign out URL configured in Cognito Portal>
  • Click on Save button and then Test Configuration.
  • Enable  Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider
  • After successful login, you will see all the values returned by your AWS Cognito to Hubspot in a table.
  • Enable  Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider

    Restrict public access to Hubspot website/ pages/ content (Landing Page or Blog)

  • Restricting access to your HubSpot website can help to protect your pages from unauthorized access. By restricting access, you can ensure that only authorized users can view and interact with your pages. This can be useful for protecting sensitive information. This will allow you to restrict access to your hubspot pages / content as visitors will be needed to login first and then they will be able to access the hubspot page. This will also help you to track your vistors and also generate potential leads.
  • Now go to you Hubspot dashboard and Click on CMS HUB Free -> Marketing ->Website and choose Website Page or Blog. We have chosen Website Pages for this tutorial.
  • Enable  Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider
  • Select the page on which you want to enable (Forced Authentication or SSO) and click the Edit button. Here we have seleceted and HomePage.
  • Enable  Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider
  • Goto Settings tab and scroll down to Advanced Settings. Copy the script that you see in Step 6 and paste it inside the HTML section of Advanced Settings and click Publish button.
  • Enable  Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider
  • Now, if you go to the page in which you included the script, you will see the following screen and required to put in Login Credentials of your Identity Provider.
  • Enable Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider
  • Fill in the login credentials and click Login, you will be redirected to the website page successfully.
  • Enable  Hubspot Single Sign-On(SSO)  Login using AWS Cognito as Identity Provider

    Congratulations! You have successfully integrated AWS Cognito with Hubspot to enable AWS Cognito users to see your Hubspot content.


Track your visitors (Contact Sync)

  • After a user logs in through the Single Sign-On feature, a contact will be created which includes his details that are received from the Cognito (Identity Provider).

  • This can be very useful for generating leads, as it allows you to quickly and easily add new contacts to your HubSpot marketing and sales pipelines. By using contact sync, you can ensure that your HubSpot account is always up-to-date with the latest information about your leads and customers (site visitors), which can help you to more effectively target your marketing efforts and generate more qualified leads.
  • Hubspot Contacts Page

Additional Resources


Need Help?

Mail us on hubspotsupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.




Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com