AWS Cognito support
bnfinet opened this issue · comments
From the #vouch IRC channel...
Vouch Proxy is confirmed working with AWS Cognito.
oauth.user_info_url must be set with an upper case I for oauth2/userInfo
oauth:
  provider: oidc
  auth_url: https://YOURDOMAIN.auth.eu-west-2.amazoncognito.com/oauth2/authorize
  token_url: https://YOURDOMAIN.auth.eu-west-2.amazoncognito.com/oauth2/token
  user_info_url: https://YOURDOMAIN.auth.eu-west-2.amazoncognito.com/oauth2/userInfo
  scopes:
    - openid
    - email
    - profile
How should I configure this in the AWS Cognito user pool?
oauth:
  # Generic OpenID Connect
  provider: oidc
  client_id: your_app_clientid
  client_secret: your_app_client_secret
  auth_url: https://yourdomain.auth.eu-west-1.amazoncognito.com/oauth2/authorize
  token_url: https://yourdomain.auth.eu-west-1.amazoncognito.com/oauth2/token
  user_info_url: https://yourdomain.auth.eu-west-1.amazoncognito.com/oauth2/userInfo
  scopes:
    - openid
    - email
    - profile
  callback_url: https://vouch.yourdomain.com/auth
Config in AWS Cognito:
enable openid, email, and profile in app settings
app client callback URL: https://vouch.yourdomain.com/auth
logout URL: https://vouch.yourdomain.com/logout
Beware the domains setting in config.yml, it should be yourdomain.com.
This setup works for me.
Just wanted to respond but I see that you solved it yourself.
That's pretty much as I have it set up as well, good work.
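A lint check for the settings this thread calls out (case-sensitive Cognito endpoint paths, the three scopes, and a callback host that sits under the configured domain), as an added example that is not part of the thread or of Vouch Proxy itself. It assumes config.yml has already been loaded into a dict and that the domains setting is at vouch.domains; `lint_cognito_config` and `GOOD` are hypothetical names with constructed sample values.

```python
from urllib.parse import urlsplit

REQUIRED_SCOPES = {"openid", "email", "profile"}  # scopes named in the thread
COGNITO_PATHS = {  # exact, case-sensitive paths taken from the thread's config
    "auth_url": "/oauth2/authorize",
    "token_url": "/oauth2/token",
    "user_info_url": "/oauth2/userInfo",
}
BASE = "https://yourdomain.auth.eu-west-1.amazoncognito.com"
GOOD = {  # constructed sample mirroring the working config above
    "vouch": {"domains": ["yourdomain.com"]},  # assumed location of the domains setting
    "oauth": {
        "provider": "oidc",
        "auth_url": BASE + "/oauth2/authorize",
        "token_url": BASE + "/oauth2/token",
        "user_info_url": BASE + "/oauth2/userInfo",
        "scopes": ["openid", "email", "profile"],
        "callback_url": "https://vouch.yourdomain.com/auth",
    },
}

def lint_cognito_config(cfg):
    """Return a list of findings for a config dict; an empty list means clean."""
    findings = []
    oauth = cfg.get("oauth", {})
    domains = cfg.get("vouch", {}).get("domains", [])
    if oauth.get("provider") != "oidc":
        findings.append("oauth.provider should be 'oidc'")
    hosts = set()
    for key, want in COGNITO_PATHS.items():
        url = urlsplit(oauth.get(key, ""))
        hosts.add(url.hostname)
        if url.scheme != "https":
            findings.append(f"oauth.{key} must use https")
        if url.path != want:
            hint = " (wrong case)" if url.path.lower() == want.lower() else ""
            findings.append(f"oauth.{key} path is {url.path!r}, expected {want!r}{hint}")
    if len(hosts) > 1:
        findings.append("Cognito endpoints point at different hosts")
    missing = REQUIRED_SCOPES - set(oauth.get("scopes", []))
    if missing:
        findings.append("missing scopes: " + ", ".join(sorted(missing)))
    cb = urlsplit(oauth.get("callback_url", ""))
    if cb.scheme != "https" or cb.path != "/auth":
        findings.append("oauth.callback_url should be https://<vouch host>/auth")
    host = cb.hostname or ""
    if not any(host == d or host.endswith("." + d) for d in domains):
        findings.append(f"callback host {host!r} is not under any vouch.domains entry")
    return findings
```

The callback URL must still be compared by hand against the app client callback URL registered in the Cognito user pool, since that value is not in config.yml.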