Cognito Authorize Endpoint For federated users

Question

I am using the cognito authorize endpoint and using 'identity_provider' query parameter to bypass the hosted UI and allowing users to authenticate directly with their identity provider (in this case, Google). When a user is already authenticated with Google and clicks on "Sign in with Google" again, I want to provide them with the option to select from multiple Google accounts rather than automatically signing them in.

Answer

Hi Zeeshan,

For that, you can use the `prompt` parameter in your authorization URL and set its value to [select_account](https://www.cerberauth.com/openid-connect-prompts#heading-select-account-prompt). This will force the user to choose an account, even if they are already logged in. Here's an example of how you might construct your authorization URL:

```
https://your-cognito-domain.auth.region.amazoncognito.com/oauth2/authorize?response_type=code&client_id=your_client_id&redirect_uri=your_redirect_uri&identity_provider=Google&prompt=select_account
```

Cognito Authorize Endpoint For federated users

相关内容