Cognito Hosted UI to Custom UI
A customer has been using Cognito Hosted UI. But they have a hard security requirement of having Hosted UI session Cookie duration to be 30 mins. Given that the Hosted UI Session Cookie duration is not customizable yet, so they are looking to change to custom UI to meet the security requirements.
Their current setup is as follows:
- IdentityServer as their OpenID Connect based Identity provider in front of a self-managed user store in database
- Cognito Hosted UI configured against the App Client with the above identity provider
if the current set up changed to self-hosted UI , what changes are need to the App Client Settings ?
How will overall Auth flow look like in the new world?
- 最新
- 投票最多
- 评论最多
As I read it, they are using federation to an external OIDC provider. federation uses oauth2 endpoints and the 1-hour session cookie will be created whether hosted UI is used or not (federation always uses hosted UI). custom UI could be used only in the case of native-user sign-in with username and password.
相关内容
AWS 官方已更新 2 年前- AWS 官方已更新 3 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前
