The Amplify Authentication docs for IOS outline support for the following types of identity federation:
The Amplify Authentication docs for web browsers only outline federated identity support for Facebook, Google (+ Auth0) here: https://docs.amplify.aws/lib/auth/advanced/q/platform/js/
By digging into the Auth module codebase it's become apparent it's possible to invoke either a SAML/OIDC user pool iDP as follows:
Amplify.Auth.federatedSign({ customProvider: USER_POOL_IDENTITY_PROVIDER_NAME })
See: https://github.com/aws-amplify/amplify-js/blob/6c4d4b5fc737652f88dcdfa26bdb02a1defdfa2e/packages/auth/src/Auth.ts#L1924
Questions
- Is this approach supported when using Amplify in a web browser? Looking purely at the docs would suggest it's not supported.
- Amplify's PKCE support isn't documented anywhere. Similar question, it this something that will remain supported on web too?