The topic How to Test SSO Authentication with Cognito and OIDC Providers is currently the subject of lively discussion — readers and analysts are keeping a close eye on developments.
This is taking place in a dynamic environment: companies’ decisions and competitors’ reactions can quickly change the picture.
This guide covers the admin setup for SSO authentication built with Django and AWS Cognito. The full reference implementation is available on GitHub: django-cognito-sso-demo.
To ensure SSO works correctly in your application, you must complete the following steps:
This is required for group validation to function properly in SSO.
The name must match the “groups” claim used in all OIDC providers that will be included in your application SSO.
After setting up the Admin Panel, we are ready to test SSO authentication.
Azure Single Sign-On (SSO) Setup: A Step-by-Step Guide
Okta Single Sign-On (SSO) Setup: A Step-by-Step Guide
Other OIDC providers typically follow a similar setup process.
Step 1: To log in to your application via the Azure SSO Provider, send a GET request to:
<cognito_domain>/login?client_id=<client_id>&redirect_uri=<redirect_uri>&response_type=code&scope=openid&state=<client_id>
Step 2 After sending the request, you will be redirected to the Your OIDC Provider login page, in my case it’s Microsoft login page. Click Receive Code.
Step 4: After successful authentication, you will receive a response with your authentication tokens.
Step 5: To check if a user was actually created after SSO login, you can:
After successful logout you will receive a response with your message “Logout successful”.
If the user is not a member of the IAM group, the group name is incorrect in the Admin Panel for the SSO Provider, or the user’s email domain is not linked with a rights holder of the app_id, the login attempt will fail, showing an error, where provider 19 is SSO Client Provider ID.
Templates let you quickly answer FAQs or store snippets for re-use.
Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment’s permalink.
For further actions, you may consider blocking this person and/or reporting abuse
Thank you to our Diamond Sponsors for supporting the DEV Community
Google AI is the official AI Model and Platform Partner of DEV
DEV Community — A space to discuss and keep up software development and manage your software career
Built on Forem — the open source software that powers DEV and other inclusive communities.
We’re a place where coders share, stay up-to-date and grow their careers.
