Question
G'day Everyone.
I have a web application running with AWS S3, RDS, Lambda and API Gateway, using an AWS Cognito user pool as the login service. This is working well so far. But now I would like to integrate it with Azure AD.
Does someone have good documentation about it? I can only find documentation for the other way round, or for integrating Azure AD into the AWS Console. The reason could be that this feature just went from beta to production a few weeks ago.
Answer 1:
The steps are quite long, but I've created a tutorial on setting this up. There is a current bug within the Azure AD web console that prevents changing the App ID to a URN, but it can be worked around by modifying the parameter with Azure AD PowerShell.
See the following blog post here:
https://www.idea11.com.au/how-to-set-up-aws-cognito-federation-office365/
Answer 2:
I ran into some trouble while logging in via personal Live/Hotmail accounts using SAML; it turns out there's no proper support for that yet, so try OIDC.
Follow: https://www.terminalbytes.com/azure-ad-integration-as-an-idp-with-aws-cognito/
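As an added illustration of the OIDC route suggested in this answer (not code from the answer or the linked post), the following registers Azure AD as an OIDC identity provider on an existing Cognito user pool with the AWS CLI. The user pool id, Azure app registration client id/secret and tenant id are placeholders, and the provider name "AzureAD" is an arbitrary choice.

```shell
#!/bin/sh
# Added example: Azure AD (v2.0 endpoint) as an OIDC IdP for a Cognito user pool.
set -eu

# Placeholders: replace with your own values (or export them before running).
USER_POOL_ID="${USER_POOL_ID:-us-east-1_EXAMPLE}"
AZURE_TENANT_ID="${AZURE_TENANT_ID:-00000000-0000-0000-0000-000000000000}"
AZURE_CLIENT_ID="${AZURE_CLIENT_ID:-11111111-1111-1111-1111-111111111111}"
# Keep the secret out of shell history / source control; pass it via the environment.
AZURE_CLIENT_SECRET="${AZURE_CLIENT_SECRET:-replace-me}"

# Issuer URL Cognito uses for discovery (/.well-known/openid-configuration).
# Use the tenant id, not "common": Cognito checks the token's iss claim against
# oidc_issuer, and Azure issues tokens with the tenant-specific issuer.
azure_issuer() {
    printf 'https://login.microsoftonline.com/%s/v2.0' "$1"
}

# Build the JSON for --provider-details. The keys (client_id, client_secret,
# attributes_request_method, oidc_issuer, authorize_scopes) are Cognito's
# documented OIDC provider-detail keys.
provider_details() {
    printf '{"client_id":"%s","client_secret":"%s","attributes_request_method":"GET","oidc_issuer":"%s","authorize_scopes":"openid email profile"}' \
        "$1" "$2" "$(azure_issuer "$3")"
}

# Create the provider. Map Azure's "email" claim to the Cognito email attribute
# and use the stable "sub" claim as the federated username.
create_azure_oidc_provider() {
    aws cognito-idp create-identity-provider \
        --user-pool-id "$USER_POOL_ID" \
        --provider-name AzureAD \
        --provider-type OIDC \
        --provider-details "$(provider_details "$AZURE_CLIENT_ID" "$AZURE_CLIENT_SECRET" "$AZURE_TENANT_ID")" \
        --attribute-mapping email=email,username=sub
}

# Only talk to AWS when explicitly asked, so the file can be sourced for its functions.
if [ "${1:-}" = "--apply" ]; then
    create_azure_oidc_provider
fi
```

After creating the provider, it still has to be enabled on the app client (SupportedIdentityProviders) and the Cognito hosted-UI redirect URI added to the Azure app registration; those steps are covered by the linked posts.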
Source: https://stackoverflow.com/questions/45791699/howto-add-azure-ad-as-aws-cognito-federated-idp