* added the "How to Create a New Entra ID Enterprise Application and Configure Custom Attributes for SAML Login for AWS Cognito" page
* removed image formatting
* testing image width
* fixed all pictures width
* increased width to 85%
* replaced the ** for bold text with <strong>
* testing the switch from ** to <strong>
* configured the width for the table
* reverted the table syntax
* fixed list of tasks in Configure User Attributes & Claims for SSO login
* small tweaks
* fixed cognito userpool id reply url syntax
* fixed ordering list for Configure User Attributes & Claims for SSO Login
* moved the save changes as a bullet point
* removed numbering from headers
* improved esthetics
---------
Co-authored-by: Lucian Patian <[email protected]>
# How to Create a New Entra ID Enterprise Application and Configure Custom Attributes for SAML Login for AWS Cognito
13
13
14
-
When integrating Entra ID (formerly Azure AD) with AWS Cognito for SAML login, it's important to use a unique attribute to identify users. In this guide, we'll walk you through the steps to create a new Enterprise Application in Entra ID and configure a custom attribute named "user.objectid". This attribute ensures that user identities remain consistent even if other attributes, such as last names, change.
14
+
When integrating Entra ID (formerly Azure AD) with AWS Cognito for SAML login, it's important to use a unique attribute to identify users. In this guide, we'll walk you through the steps to create a new Enterprise Application in Entra ID and configure a custom attribute named <code>user.objectid</code>. This attribute ensures that user identities remain consistent even if other attributes, such as last names, change.
15
15
16
-
## Why use "user.objectid"?
17
-
The "user.objectid" attribute is unique to each user in Entra ID and does not change, even if other user attributes are updated. This is particularly important for scenarios where an employee changes their last name, as other attributes will be updated with the new value. Using "user.objectid" prevents the creation of a new local user in your application and ensures that existing user data is preserved.
16
+
## Why use <code>user.objectid</code>?
17
+
The <code>user.objectid</code> attribute is unique to each user in Entra ID and does not change, even if other user attributes are updated. This is particularly important for scenarios where an employee changes their last name, as other attributes will be updated with the new value. Using <code>user.objectid</code> prevents the creation of a new local user in your application and ensures that existing user data is preserved.
18
18
19
19
## Steps to Create a New Enterprise Application in Entra ID
20
20
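Review bot: The heading at new line 16 (`## Why use <code>user.objectid</code>?`) and the paragraphs at new lines 14 and 17 switch to inline HTML while the rest of the file uses Markdown syntax (`##`, `**`). A Markdown code span would render the same, keep the source consistent, and not depend on the renderer passing raw HTML through inside a heading. Separately, line 14 still says the guide configures a custom attribute "named" user.objectid, while line 17 describes it as an attribute every Entra ID user already has; consider rewording line 14 to say the claim is sourced from user.objectid.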
@@ -41,8 +41,8 @@ Create the connection between Entra ID and your application by setting the login
41
41
2.**Edit Basic SAML Configuration**
42
42
* Edit the **Basic SAML Configuration**.
43
43
* Add the **Identifier (Entity ID)** and **Reply URL (Assertion Consumer Service URL)**.
44
-
* The **Identifier (Entity ID)** should follow the format: urn:amazon:cognito:sp:"Cognito_userpool_ID".
45
-
* The **Reply URL (Assertion Consumer Service URL)** should follow the format: https://Cognito_domain_URL/saml2/idpresponse.
44
+
* The **Identifier (Entity ID)** should follow the format: urn:amazon:cognito:sp:<code>cognito_userpool_id</code>.
45
+
* The **Reply URL (Assertion Consumer Service URL)** should follow the format: https://<code>cognito_domain_url</code>/saml2/idpresponse.
46
46
***Save the changes** to the Basic SAML Configuration.
47
47
48
48
3.**Save the changes** to the Basic SAML Configuration.
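Review bot: At new lines 44 and 45 only the placeholder is wrapped in `<code>`, so the literal prefix `urn:amazon:cognito:sp:` and the suffix `/saml2/idpresponse` render as body text and each value is split across two styles; a reader copying it into the Basic SAML Configuration cannot tell which part is literal. Suggest one code span around each whole value with a visibly marked placeholder, which also keeps the bare `https://` from being auto-linked. The unchanged context also carries "Save the changes" twice, as a bullet at line 46 and as step 3 at line 48; drop one of them.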
@@ -64,7 +64,7 @@ Assign the users and groups that should have permissions to log in to your appli