Adding Microsoft SSO to Your Amazon Cognito User Pool

In this guide, we will walk through how to attach Microsoft SSO (Single Sign-On) to an existing user pool in Amazon Cognito.

Step 1. Sign in to the Azure portal and navigate to the Azure directory to create a “New registration” for your app.

Step 2. Provide a name for the app and set the redirect URI as https://<your-user-pool-domain>/oauth2/idpresponse. Register the app.

Step 3. In the “Certificates and secrets” tab, generate a new client secret.

Step 4. Add the identity provider for Microsoft using OpenID Connect (OIDC).

Step 5. Enter the necessary details such as name, client ID, client secret, and authorized scope. Keep the default options. Map the attributes and add the identity provider.

Step 6. In the App integrations tab, edit the hosted UI in the app clients section. Look for the option to add identity providers and include MicrosoftSSO. This option is present due to the previous inclusion of Google SSO.

Step 7. Access the hosted UI and you should now see the “Continue with MicrosoftSSO” option alongside the traditional sign-up and sign-in choices.
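
The provider settings from Steps 2 to 5 can also be assembled and checked in code before they are applied. The following is an added example, not part of the original guide: it builds the arguments for the boto3 cognito-idp create_identity_provider call. The tenant-specific issuer URL, the scope list, the attribute mapping and all sample IDs are assumptions constructed for illustration.

```python
import os
import re
from urllib.parse import urlsplit

GUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

def redirect_uri(user_pool_domain):
    """Redirect URI from Step 2; it must match the Azure registration exactly."""
    uri = f"https://{user_pool_domain}/oauth2/idpresponse"
    parts = urlsplit(uri)
    # Reject input that smuggles a path, port or userinfo into the host.
    if parts.hostname != user_pool_domain.lower() or parts.path != "/oauth2/idpresponse":
        raise ValueError("user pool domain must be a bare host name")
    return uri

def build_idp_request(user_pool_id, tenant_id, client_id, client_secret,
                      provider_name="MicrosoftSSO"):
    """Keyword arguments for create_identity_provider (Steps 4 and 5)."""
    if not GUID.match(tenant_id) or not GUID.match(client_id):
        raise ValueError("tenant ID and client ID must be GUIDs")
    if not client_secret:
        raise ValueError("client secret from Step 3 is required")
    return {
        "UserPoolId": user_pool_id,
        "ProviderName": provider_name,
        "ProviderType": "OIDC",
        "ProviderDetails": {
            "client_id": client_id,
            "client_secret": client_secret,
            "attributes_request_method": "GET",
            # Assumption: a single-tenant issuer, so only that directory signs in.
            "oidc_issuer": f"https://login.microsoftonline.com/{tenant_id}/v2.0",
            "authorize_scopes": "openid email profile",  # assumed scope set
        },
        # User pool attribute -> claim from Microsoft (assumed mapping).
        "AttributeMapping": {"email": "email", "username": "sub"},
    }

if __name__ == "__main__":
    # Constructed sample values; real ones come from the Azure app registration.
    request = build_idp_request(
        "us-east-1_EXAMPLE",
        "11111111-1111-1111-1111-111111111111",
        "22222222-2222-2222-2222-222222222222",
        os.environ.get("AZURE_CLIENT_SECRET", "constructed-secret"),
    )
    print(redirect_uri("example.auth.us-east-1.amazoncognito.com"))
    request["ProviderDetails"]["client_secret"] = "***"  # keep the secret out of logs
    print(request)
    # To apply, pass the unmasked dict: boto3.client("cognito-idp").create_identity_provider(**request)
```

Reading the client secret from the environment keeps it out of source control; Step 6 (enabling the provider on the app client) is still done as described above.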

In conclusion, integrating Microsoft SSO with Amazon Cognito involves registering your app in the Azure portal, generating a client secret, adding Microsoft as an identity provider using OpenID Connect, and configuring the hosted UI to include the MicrosoftSSO option. Once these steps are complete, users can sign in with Microsoft SSO alongside the traditional sign-up and sign-in options in your application.

Addend Analytics is a Microsoft Gold Partner based in Mumbai, India, with a branch office in the U.S.

Addend has successfully implemented 100+ Microsoft Power BI and Business Central projects for 100+ clients across sectors like Financial Services, Banking, Insurance, Retail, Sales, Manufacturing, Real estate, Logistics, and Healthcare in countries like the US, Europe, Switzerland, and Australia.
