2 Answers
0
Hi,
Thanks for your patience. I've reached out to our Amplify and Cognito engineers regarding your query. Our understanding is that you are looking to use Cognito in your customer's application and require the user to use TOTP enabled login in Cognito. Please let us know if we understood correctly. If our understanding is correct then it seems that the missing piece is:
1. Check the user login status on the customer’s application (via Amplify Auth.currentAuthenticatedUser), then launch Hosted UI if user has not signed in (via Auth.federatedSignIn).
2. Once the user is authenticated, and redirected back to the customer application, the application shall always check user authentication status by Auth.currentAuthenticatedUser. If yes, let the end user access application, if not, go to step 1 again.
Please let us know if this helps resolve your issue. If not, kindly provide additional details in case we may have misunderstood anything.
0
Hello, do you know if there are any plans for Cognito to start supporting MFA in the hosted UI? And why is there such a limitation?
answered a year ago
It already has support
Thank you for taking the time to look into this. I think you are on the right track. The problem is that there are 2 different applications, my customer's application (to which I don't have access) and another independent app (which is the custom Hosted UI). How can I send back the logged in user in the Hosted UI to the customer app? I wanted to send back a code like the built-in Hosted UI does '/callback?code=02c18779-cf4d-445c-84ca-8859214f54c6'. Is that possible? Or to check the callback URL to match the one from App Client settings in AWS. Maybe I'm on the wrong track.
Hi,
Thanks again for your patience as I worked with the Cognito team.
The ‘callback url’ which can be configured in Hosted UI is for redirecting the logged in users to the url which can be your customer’s application. However, the initiated Login point which requires the pointed callback url, shall be started from Hosted UI URL with all the configured values. Such as https://hostedUIdomain/login?response_type=code&client_id=yourappclientid&redirect_uri=https://yourcustomerdomain.com/callback&state=State
That said, it seems that this is a relatively complex case or perhaps there is something that is being misunderstood. Therefore, we recommend creating a support case and initiating a live session via call or chat so that we can take a closer look at your setup. I recommend starting with the Cognito team and they can transfer to the Amplify team if their assistance is needed.
Thank you Ryan for taking the time, I think our case is more complex than this. We'll need to initiate a live session with Cognito Team. Best regards.
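The login URL and the '/callback?code=...' redirect discussed in this thread, as an added example that is not part of the original posts and is not AWS code: it builds the Hosted UI login URL with a fresh random `state`, then checks on the callback that the request landed on the configured redirect URI and carries the same `state` before accepting the `code`. The function names, domains and client ID are hypothetical placeholders.

```javascript
const nodeCrypto = require('node:crypto');

// Build the Hosted UI login URL in the shape quoted in the thread.
// A fresh random state is generated per login attempt; the caller keeps it
// (for example in the user's server-side session) until the callback arrives.
function buildLoginUrl({ hostedUiDomain, clientId, redirectUri }) {
  const state = nodeCrypto.randomBytes(16).toString('hex');
  const url = new URL(`https://${hostedUiDomain}/login`);
  url.searchParams.set('response_type', 'code');
  url.searchParams.set('client_id', clientId);
  url.searchParams.set('redirect_uri', redirectUri);
  url.searchParams.set('state', state);
  return { url: url.toString(), state };
}

// Validate the request that arrives at the customer application's callback.
// Returns the authorization code, or throws if any check fails.
function parseCallback(callbackUrl, { redirectUri, expectedState }) {
  const got = new URL(callbackUrl);
  const want = new URL(redirectUri);
  // The callback must be the exact origin and path configured as redirect_uri.
  if (got.origin !== want.origin || got.pathname !== want.pathname) {
    throw new Error('callback does not match the configured redirect_uri');
  }
  // The state must be the one issued for this login attempt (CSRF protection).
  const a = Buffer.from(got.searchParams.get('state') || '');
  const b = Buffer.from(expectedState);
  if (a.length !== b.length || !nodeCrypto.timingSafeEqual(a, b)) {
    throw new Error('state mismatch');
  }
  const code = got.searchParams.get('code');
  if (!code) throw new Error('missing authorization code');
  return code;
}

// Constructed sample values (not from the thread).
const sampleConfig = {
  hostedUiDomain: 'auth.example.com',
  clientId: 'exampleclientid',
  redirectUri: 'https://app.example.com/callback',
};
```

The code returned by `parseCallback` is single-use and is exchanged for tokens at the user pool's token endpoint by the application that owns the callback.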