How to set up Amazon Cognito for federated authentication using Azure AD to authenticate users

Рет қаралды 6,771

Күн бұрын

You have your application running in AWS ECS fargate container behind AWS ALB. All users are part of Azure AD and you want to authenticate users before they can access your application. You can configure AWS Cognito for federated identity provider Azure AD. This way the users will be redirected to Azure login page to authenticate before accessing the application.
Reference: aws.amazon.com...
Check this for AWS ALB setup with AWS Cognito - • Authenticate users usi...

Пікірлер: 7

@louislaw299 Жыл бұрын

great video. At 9:39, where does the callback URLs come from?

@raaviblog105 Жыл бұрын

callback url can be anything where authorization code will be sent. If AWS ALB is used for authentication of user then this callback url should be something like /oauth2/idpresponse. In my case I have created a CNAME record test.raaviblog.com pointing to DNS of ALB. That is why it looks like test.raaviblog.com/oauth2/idpresponse. You can check more details here - docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html

@realmovies1122 Жыл бұрын

Sir, Can you please make a video, How to implement JWT token for our secure load balancer

@raaviblog105 Жыл бұрын

sure...very soon I will make on this.

@raaviblog105 Жыл бұрын

Have you checked - kzbin.info/www/bejne/bonZnaiYntOZqs0 What are you looking for with jwt token and aws ALB? Is your expectation to use AWS ALB to authenticate user with OIDC and then pass JWT tokens (access tokens and claims) to the backend application to validate claims and signature.

@premkumarmani1380 9 ай бұрын

do you have terraform script to perform the same ?

@apshivaram Жыл бұрын

If there is no user present in AZ AD, is there a way I can prompt for register user or guest user login such that user is created in AZ AD? If so, should we create a custom component that should be hosted on AWS or is there any other way to achieve this?