By using AWS re:Post, you agree to the Terms of Use

Cognito Hosted UI to Custom UI


A customer has been using Cognito Hosted UI. But they have a hard security requirement of having Hosted UI session Cookie duration to be 30 mins. Given that the Hosted UI Session Cookie duration is not customizable yet, so they are looking to change to custom UI to meet the security requirements.

Their current setup is as follows:

  • IdentityServer as their OpenID Connect based Identity provider in front of a self-managed user store in database
  • Cognito Hosted UI configured against the App Client with the above identity provider

if the current set up changed to self-hosted UI , what changes are need to the App Client Settings ?

How will overall Auth flow look like in the new world?

asked 2 years ago234 views
1 Answers
Accepted Answer

As I read it, they are using federation to an external OIDC provider. federation uses oauth2 endpoints and the 1-hour session cookie will be created whether hosted UI is used or not (federation always uses hosted UI). custom UI could be used only in the case of native-user sign-in with username and password.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions