
Cognito hosted UI - Is there a way to have only "Corporate email" option and NOT "With existing account" in the Cognito hosted UI

0

Cognito Login Screen

Customer is looking for a way to only have one login option - "Corporate email" and would like to control to login using the email address provided by the user. With the given page (screenshot), it seems that "corporate email" is for the federated users while the "with existing account" pertains to the local user pool users.

AWS
asked 10 months ago · 255 views
1 Answer
1

Unfortunately, it's not possible to have only the "Corporate email" option and remove the "With existing account" option in the Cognito hosted UI as shown in the screenshot. The Cognito hosted UI and managed login pages are designed to present authentication options based on the configured user pool settings and app client configurations.

The "Corporate email" option typically represents federated authentication through an external identity provider (such as Azure AD for corporate accounts), while the "With existing account" option is for local user pool authentication.

To achieve a setup where users can only log in with their corporate email, you would need to implement one of the following approaches:

  1. Use only federated authentication: Configure your user pool to use only the external identity provider for authentication. This would effectively remove the local user pool option, but it also means you wouldn't be using Cognito's built-in user management for these accounts.

  2. Custom UI: Instead of using the Cognito hosted UI, you could create a custom login page that only presents the corporate email option. This would give you full control over the login experience, but you'd need to handle the authentication flow yourself using Cognito's APIs.

  3. Pre-authentication Lambda trigger: You could use a Lambda function triggered before authentication to verify that the user is using a corporate email domain. This wouldn't remove the "With existing account" option from the UI, but it would prevent non-corporate emails from being used.

  4. User migration: If you need to support both corporate and non-corporate users, you could implement a user migration strategy that moves all users to use the federated authentication method over time.

It's important to note that the exact options and customization capabilities may vary depending on whether you're using the classic hosted UI or the newer managed login experience. In either case, the level of customization for the built-in UI is limited, and removing core authentication options is not typically supported without building a custom solution.

Sources
Configure authentication methods for managed login - Amazon Cognito
Federated login button not showing with Cognito Hosted UI | AWS re:Post
User pool managed login - Amazon Cognito
Authentication with Amazon Cognito user pools - Amazon Cognito

answered 10 months ago
EXPERT
reviewed 10 months ago
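
Approach 3 from the answer above, as an added example (not part of the original answer and not AWS sample code): a Python handler for a Cognito pre-authentication Lambda trigger that rejects sign-ins whose email is outside an allow-list. The domain `corp.example`, the `ALLOWED_EMAIL_DOMAINS` environment variable and the requirement that `email_verified` be true are assumptions made for this example.

```python
import os

# Assumption: allowed domains come from a hypothetical ALLOWED_EMAIL_DOMAINS
# environment variable; "corp.example" is a constructed placeholder.
ALLOWED_DOMAINS = frozenset(
    d.strip().lower()
    for d in os.environ.get("ALLOWED_EMAIL_DOMAINS", "corp.example").split(",")
    if d.strip()
)

# Constructed sample of the fields this handler reads from the trigger event.
SAMPLE_EVENT = {
    "triggerSource": "PreAuthentication_Authentication",
    "userName": "alice",
    "request": {
        "userAttributes": {"email": "alice@corp.example", "email_verified": "true"}
    },
    "response": {},
}


def is_corporate_email(email, allowed=ALLOWED_DOMAINS):
    """Exact match on the domain part. Substring or suffix checks would also
    accept look-alike domains such as 'corp.example.evil.test'."""
    if not isinstance(email, str) or email.count("@") != 1:
        return False
    local, domain = email.strip().lower().split("@")
    return bool(local) and domain in allowed


def lambda_handler(event, context):
    attrs = event.get("request", {}).get("userAttributes", {})
    # An unverified email is only a claim; do not base the decision on it.
    if str(attrs.get("email_verified", "false")).lower() != "true":
        raise Exception("Sign-in denied: email address is not verified")
    if not is_corporate_email(attrs.get("email")):
        raise Exception("Sign-in denied: corporate email address required")
    # Returning the event unchanged lets authentication continue.
    return event
```

Raising an exception from the handler is what makes Cognito fail the sign-in attempt; as the answer notes, the "With existing account" option stays visible in the UI.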
