Cognito Hosted UI to Custom UI
A customer has been using Cognito Hosted UI. But they have a hard security requirement of having Hosted UI session Cookie duration to be 30 mins. Given that the Hosted UI Session Cookie duration is not customizable yet, so they are looking to change to custom UI to meet the security requirements.
Their current setup is as follows:
- IdentityServer as their OpenID Connect based Identity provider in front of a self-managed user store in database
- Cognito Hosted UI configured against the App Client with the above identity provider
if the current set up changed to self-hosted UI , what changes are need to the App Client Settings ?
How will overall Auth flow look like in the new world?
As I read it, they are using federation to an external OIDC provider. federation uses oauth2 endpoints and the 1-hour session cookie will be created whether hosted UI is used or not (federation always uses hosted UI). custom UI could be used only in the case of native-user sign-in with username and password.
Relevant questions
Setup TOTP screen for Hosted UI
asked 5 months agoCognito Hosted UI to Custom UI
Accepted Answerasked 2 years agoRemember device to suppress MFA challenge using Cognito Hosted UI
asked 9 days agoCognito Hosted UI customization not updating
asked 7 months agoDisable hosted UI
asked 4 years agoHow to translate Cognito Hosted UI Forms?
asked 5 months agoCognito Hosted UI TOTP or Amplify
asked 7 months agoIs there any way to display a "Confirm Password" field in the Cognito hosted UI?
asked 7 months agoCognito Hosted UI user email verification (using valid verification code) failed (according to UI) but user is confirmed.
asked 7 months agoAmazon Cognito hosted UI password reset code message
Accepted Answerasked 8 months ago