Support multiple app clients based on username #6661
Description
On which framework/platform would you like to see this feature implemented?
Angular
Which UI component is this feature-request for?
Authenticator
Please describe your feature-request in detail.
We are currently looking into adding SSO federated access into our applications whilst retaining Cognito authentication.
Having spoken with a guru at AWS they advised that we should:
- Have separate app clients per tenant/customer
- Each tenant would have their own SSO integration set up (some customers use Okta, some Azure etc)
- Create our own mechanism to input a tenant/customer to do either:
- Pass the tenant in via a separate login URL
- Pass the tenant in via a parameter
- Build our own front end end to input the tenant
- Use the username to map to an app client and pass those details into Amplify's auth flow
I'd like to be able to carry on using the Authenticator module and have it handle this for us.
From what I can gather in order to do this currently I would have to stop using Authenticator module, and instead build my own Username/Email address input box, map that to the required app client ID and then feed this into the Auth flow. Amplify UI could then show the username as read only and allow me to input the password to continue.
It would be really nice if the Authenticator could support this out of the box, allowing us to input a username/email address and password and when clicking in Sign In it then picks the correct app client ID from values passed in.
Please describe a solution you'd like.
I'd like to be able to pass in series of key/value pairs of email domains to app client IDs, so then when you click Sign In, AWS Amplify will do the look up and use the appropriate app client ID.
We love contributors! Is this something you'd be interested in working on?
- 👋 I may be able to implement this feature request.
-
⚠️ This feature might incur a breaking change.