Cognito

If you have an existing user credential base using Amazon Cognito you may re-use that user base and let your existing users single sign on to ngSurvey using their Cognito credentials.

Cognito Configuration

The following steps will show you how to configure a new Cognito application working with ngSurvey.

In your existing user pool go to the App Integration tab

If you didn't setup a domain yet setup either a Cognito Domain or a custom domain.

Create a new application client, the client application must be a Public client have its Client secret set as following:

You will also need to set a callback URL that will redirect back to your ngSurvey site's login page.

Make sure that the OpenID scopes Email and Profile are set

Once this is done create the application client

NGSurvey Configuration

In order to setup Cognito in ngSurvey you will need the application Client ID and the Issuer. The client Id can be found in your App Client list.

The Issuer URL is composed of the User PoolID and the Zone (eg: eu-central-1) in which the pool is running eg:

https://cognito-idp.[ZONE].amazonaws.com/[PoolID]

The user pool id can be found from your pool overview screen.

Once you have gathered both properties you can set them in OpenID tab of the system / settings page of ngSurvey

That's it! ngSurvey is now configured to single sign on your existing Cognito users along the built in ngSurvey users.

If you turn single sign-on on make sure to first log with an Cognito account and assign this account admin privileges or roles in ngSurvey from the user access control.

Using the auto-link property on roles and groups you can automatically map a role or a group to each new Cognito user that is connecting to ngSurvey.

PreviousAWS EBS / SQL Server NextLightSail

Last updated 7 months ago