Thankyou for the end to end demo, would like to ask your some inputs on the attribute as groups(member of some group) mapping to cognito attribute and authenticate ALB.
Thanks for the video. But, I would like to know, after we get the code in the url after login. In my UI how I retrieve the user info using the code. In front end I am using angular and aws amplify. Please help with that part... All the documentation available now are quite old. Which is not helping much
Good video Manoj, can we have mutliple AD to federate. eg: my application is in AWS, if I need to add some different users from different organization ( more than one), they all are having their own Azure AD, is it possible to federate mutilple AD to single AWS cognito?
Thank you Manoj! Excellent tutorial. I had a question. I am also setting up an external identity using b2c and AWS congnito. In my case there will users from all over the world who might connect to our application using aws credentials.How does it work in this case? Do i need to set up the aws user pool for every user or is it done once?
Very useful Video...manoj, I got requirement like if internal user (AD) try to access my site then it should not prompt AWS Cognito screen and directly go to dashboard but if external user (public facing site as well) access site it should prompt Cognito Login screen so that they will enter details once they signup mail has to sent to my business team where they will approve/deny user to get access for site. (For this task do I need to use Dynamo DB?) Hope I will get some guidance from you as I am new to AWS Cognito...Thank you in advance Manoj
Amazing tutorial Manoj. Two questions, if I have multiple ADs (integrated from different clients), do I need a separate login page for each client org or just one for all AD clients (assume the latter)? Do you also need to create a new pool for every org, or just one for ALL clients that want to use AD?
Excellent One question i had setup a application application but when click on enterprise application link rom access portal i am getting below error Required String parameter 'RelayState' is not present but rom aws cognito url it working
Excellent video, Manoj. Working on a project that uses cognito with AD, I do not understand how to use the url logout in the web app. Where do I find docs and examples ?
@@EnlearAcademy Thanks for this awesome video, Manoj. When I try to redirect the browser on logout, it takes the user back to log in but signs them back in without prompting email/password. I should probably mention that this is with Implicit flow turned on. Otherwise, if I turn off implicit flow, I get a 'unauthorized client' error on sign in. Do you have any idea why this might be happening? Thanks in advance!
I need to do just this. Does anyone know if this tutorial is still accurate today? Considering it was made 4 years ago, and also I'm new to using both AWS and Azure lol.
Thanks for sharing this,Its a excellent video. In my case i need to search from my IDP and if the user is present in the IDP db then need to create users in my user pool and next time sign in should be done from the user pool itself.Can u please suggest me how to do this.Thanks
@@EnlearAcademy Hey thanks for replying. i didn't expect you would reply. I was thinking the same thing but i was not sure how to connect to IDP in my lambda function.If you don't mind can you share any reference.And sorry for bothering you.
Hi Sir.. Thank you providing great content which helped me to implement the same but I am facing an issue after ad authentication and not able to login with user, though the user profile is created successfully in the cognito. it shows "User does not exist." can you please help me on this ?
I already done each steps in video and successfully access the page behind Cognito , but all the users in Azure AD can access it , Can I only allow specific user/group in Azure to access page behind Cognito?
That's a very good explanation on the integration! How do we assign a Cognito user group to a an Azure AD user ? The user record in Cognito seem to be created dynamically when the user logs in for the first time. My requirement is to assign specific roles to the Azure AD users using Cognito user groups. Is that possible?
@@VenuGopal-es9gt If I remember, you can configure AD to propagate the AD group attribute as part of the authentication response. Then use cognito hook lambda function to map the AD group to the corresponding cognito user group.
Dont know if you guys cares but if you guys are stoned like me during the covid times you can watch pretty much all the latest series on instaflixxer. Been watching with my gf lately =)
Thankyou for the end to end demo, would like to ask your some inputs on the attribute as groups(member of some group) mapping to cognito attribute and authenticate ALB.
Excellent! This was excactly what I was looking for:-)
Excellent tutorial Sir! Thank you !!!
Thank You! Could You say how to use it with ALB?
Simple and clear. I wanted to know what if I have a custom login screen. In that case how will I create the flow to azure active directory
Thank you very much for the grateful explanation ❤️
Thanks for the video. But, I would like to know, after we get the code in the url after login. In my UI how I retrieve the user info using the code. In front end I am using angular and aws amplify. Please help with that part... All the documentation available now are quite old. Which is not helping much
Thanks for the video.
What are the reasons for choosing SAML over OpenID Connect?
Also, It will be great to have a multi-tenant example as well.
Good video Manoj, can we have mutliple AD to federate. eg: my application is in AWS, if I need to add some different users from different organization ( more than one), they all are having their own Azure AD, is it possible to federate mutilple AD to single AWS cognito?
Thank you Manoj! Excellent tutorial. I had a question. I am also setting up an external identity using b2c and AWS congnito. In my case there will users from all over the world who might connect to our application using aws credentials.How does it work in this case? Do i need to set up the aws user pool for every user or is it done once?
Very useful Video...manoj, I got requirement like if internal user (AD) try to access my site then it should not prompt AWS Cognito screen and directly go to dashboard but if external user (public facing site as well) access site it should prompt Cognito Login screen so that they will enter details once they signup mail has to sent to my business team where they will approve/deny user to get access for site. (For this task do I need to use Dynamo DB?)
Hope I will get some guidance from you as I am new to AWS Cognito...Thank you in advance Manoj
Very nice Manoj, How we can configure the same for mobile application?
Very Infomative Video
Amazing tutorial Manoj. Two questions, if I have multiple ADs (integrated from different clients), do I need a separate login page for each client org or just one for all AD clients (assume the latter)? Do you also need to create a new pool for every org, or just one for ALL clients that want to use AD?
Thank you very much. Simple and informative. Really great.
You are welcome!
Excellent One question i had setup a application application but when click on enterprise application link rom access portal i am getting below error
Required String parameter 'RelayState' is not present
but rom aws cognito url it working
Thanks bro, you are a genius!!!
Excellent video, Manoj.
Working on a project that uses cognito with AD, I do not understand how to use the url logout in the web app. Where do I find docs and examples ?
@@EnlearAcademy Thanks for this awesome video, Manoj. When I try to redirect the browser on logout, it takes the user back to log in but signs them back in without prompting email/password. I should probably mention that this is with Implicit flow turned on. Otherwise, if I turn off implicit flow, I get a 'unauthorized client' error on sign in. Do you have any idea why this might be happening? Thanks in advance!
How to get roles in the response data/ JWT after successful authentication from Azure Ad? Can you kindly help me out?
Thanks Manoj for Simple and clear video. Could you please tell me if we want to achieve the SSO will it be possible?
I need to do just this. Does anyone know if this tutorial is still accurate today? Considering it was made 4 years ago, and also I'm new to using both AWS and Azure lol.
Thanks for sharing this,Its a excellent video. In my case i need to search from my IDP and if the user is present in the IDP db then need to create users in my user pool and next time sign in should be done from the user pool itself.Can u please suggest me how to do this.Thanks
@@EnlearAcademy Hey thanks for replying. i didn't expect you would reply. I was thinking the same thing but i was not sure how to connect to IDP in my lambda function.If you don't mind can you share any reference.And sorry for bothering you.
@@EnlearAcademy Wow Thanks a lot. I will check this and implement in my case. once again thank u. You saved my day.
I'm confused why we would want to use Azure for SSO -- if we are using AWS Cognito, can't we use AWS Cognito for SSO?
Hi Sir.. Thank you providing great content which helped me to implement the same but I am facing an issue after ad authentication and not able to login with user, though the user profile is created successfully in the cognito.
it shows "User does not exist." can you please help me on this ?
I already done each steps in video and successfully access the page behind Cognito , but all the users in Azure AD can access it , Can I only allow specific user/group in Azure to access page behind Cognito?
How to use the code now for using it with AWS amplify
Why you can update the identifierUris that prefix with 'urn' ? I tried but invalid
That's a very good explanation on the integration! How do we assign a Cognito user group to a an Azure AD user ? The user record in Cognito seem to be created dynamically when the user logs in for the first time. My requirement is to assign specific roles to the Azure AD users using Cognito user groups. Is that possible?
Hey how did you implement it? I have a similar requirement
@@VenuGopal-es9gt If I remember, you can configure AD to propagate the AD group attribute as part of the authentication response. Then use cognito hook lambda function to map the AD group to the corresponding cognito user group.
thanks for the video. it's very useful. except i am thoroughly confused :'P
is it possibe to use aws active directory as a identity provider?
I don't see why not.
excellent thank you !!
Dont know if you guys cares but if you guys are stoned like me during the covid times you can watch pretty much all the latest series on instaflixxer. Been watching with my gf lately =)
@Gianni Angel Yea, been watching on InstaFlixxer for since november myself =)
@Gianni Angel Definitely, have been using InstaFlixxer for since november myself :)