Hello from Japan.
I am doing some projects using AWS Cognito for single sign on.
With two different web applications, one would be using Cognito hosted UI to log on to Tableau server and the other one would be an web application using php 8.2(Laravel) and connecting Cognito via aws-sdk-php.
I was able to log into each application by using each Cognito authentications(SDK with initiateAuth method and Hosted UI authentication), but failed SSO. I have to log into another application once again when I logged into one application. So, I was wonder if aws-sdk-php does not support OIDC(with open id scope). The reason why I am asking is that I could found out that access token from the php application with SDK does not have open id scope, because I tried to authenticate user with token
with GuzzleHttp method throwing access token from SDK to https://mydomain URL.auth.region.amazoncognito.com/oauth2/userInfo
To wrap up my questions;
- Does Cognito SDK support Open ID connect for single sign on?
- Are these two different authentications(SDK and Hosted UI) not able to interact with each other for SSO authentication?
- If there is a way to authenticate my two applications(Laravel and Tableau Sever) using both Cognito SDK and Hosted UI, could you please let me know how to do it or give me some references?
FYI, I put an article which I refer to in below;
https://aws.amazon.com/ko/blogs/security/use-the-hosted-ui-or-create-a-custom-ui-in-amazon-cognito/
Thank you.
Sincerely,
AWS OFFICIELA mis à jour il y a 2 ans