Amazon Cognito Now Supports the Capability to Add Custom OIDC Providers

Posted on: May 17, 2018

Amazon Cognito now makes it easier for developers to add OIDC providers that are not currently built into the service console, such as Salesforce or Ping Identity. Lengthy sign-up forms create friction for the registration and conversion of users. This new Cognito feature simplifies the registration process by allowing users to log in to a User Pool with an existing OpenID account.

This new capability of Amazon Cognito eliminates the need for new users to create a site- or app-specific username and password. It also removes the need for new users to verify an email address, a step that would have required them to leave your application. To configure a User Pool so that it knows how to process OIDC-based authentication requests from a given Identity Provider, simply select a pool and set up a generic OpenID Connect app from the Identity Providers menu.

Amazon Cognito's generic OIDC support conforms to the OpenID Connect specification and is available today in the following AWS Regions: Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Europe (London), Europe (Frankfurt), Europe (Ireland), US West (Oregon), US East (Northern Virginia), and US East (Ohio).

To learn how to modernize your existing user directories with User Pools, please visit the Amazon Cognito website.