Integrate Anypoint With AWS Cognito

In this tutorial, see how to integrate Anypoint with AWS Cognito.

With Amazon Cognito, users can sign in through various identity providers (for example, social identity providers such as Google, or enterprise identity providers such as Microsoft Active Directory via SAML/OpenID Connect).

Steps in AWS:

Step 1: Log in to AWS -> Service -> Cognito -> Manage User Pool

Step 2: Select simple attributes and policies and click next and create pool.

Step 3: Create App Client.

Step 4: Get the redirect URL from Anypoint.

Step 5: In AWS, update the App client settings callback URL.

Step 6: Update the AWS User pool domain. You can use your own domain or the default.

Step 7: If required, customize the federation screen with your company logo and modify the CSS to your needs. For the demo, I kept the default.

Resource servers/scopes are used for OAuth2. I will briefly discuss that in my next article.

Step 8: Get the OIDC Discovery Endpoint.

Example: https://REGION/User-pool-id/.well-known/openid-configuration

Where:

8.1) REGION: cognito-idp.ap-southeast-2.amazonaws.com (https://docs.aws.amazon.com/general/latest/gr/rande.html)
8.2) User-pool-id: get it from your Cognito user pool.

It will give all the required endpoint details.

Also, from the App client settings, get the client ID and client secret.

Step 9: Now go to Anypoint.

Management Center -> Access Management -> External Identity -> Identity Management OpenID Connect -> Use manual registration

Fill in the form with the above collected data.
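
Before copying the Step 8 endpoints into the form, the discovery document can be checked for consistency. The following is an added example, not part of the original tutorial: the pool ID, domain prefix and sample document are constructed placeholders, and the keys returned by `registration_values` are hypothetical names, not Anypoint's own field labels.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint",
            "userinfo_endpoint", "jwks_uri")

# Constructed sample of a Cognito discovery document (placeholder pool ID and domain).
SAMPLE_DOC = json.loads("""{
  "issuer": "https://cognito-idp.ap-southeast-2.amazonaws.com/ap-southeast-2_EXAMPLE01",
  "authorization_endpoint": "https://example-pool.auth.ap-southeast-2.amazoncognito.com/oauth2/authorize",
  "token_endpoint": "https://example-pool.auth.ap-southeast-2.amazoncognito.com/oauth2/token",
  "userinfo_endpoint": "https://example-pool.auth.ap-southeast-2.amazoncognito.com/oauth2/userInfo",
  "jwks_uri": "https://cognito-idp.ap-southeast-2.amazonaws.com/ap-southeast-2_EXAMPLE01/.well-known/jwks.json"
}""")


def discovery_url(region_host, user_pool_id):
    """Build the Step 8 URL: https://REGION/User-pool-id/.well-known/openid-configuration"""
    return f"https://{region_host}/{user_pool_id}{WELL_KNOWN}"


def check_discovery(url, doc):
    """Return a list of problems; an empty list means the document is consistent."""
    if not url.endswith(WELL_KNOWN):
        return ["not a discovery URL"]
    problems = []
    for key in REQUIRED:
        value = doc.get(key)
        if not isinstance(value, str) or not value:
            problems.append(f"missing {key}")
        elif urlsplit(value).scheme != "https":
            problems.append(f"{key} is not https")
    # OIDC Discovery requires the issuer to equal the URL the document was
    # fetched from, minus the well-known suffix.
    issuer = doc.get("issuer")
    if issuer and issuer != url[: -len(WELL_KNOWN)]:
        problems.append("issuer does not match discovery URL")
    return problems


def registration_values(doc):
    """Collect the endpoint values for Step 9 (key names are hypothetical)."""
    return {"issuer": doc["issuer"],
            "authorize_url": doc["authorization_endpoint"],
            "token_url": doc["token_endpoint"],
            "userinfo_url": doc["userinfo_endpoint"]}
```

To check a live pool, fetch the URL from `discovery_url` yourself and pass the parsed JSON to `check_discovery`; the client secret from the App client settings is not part of this document and should not be stored alongside it.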

Step 10: Now log in with the SSO URL (https://anypoint.mulesoft.com/accounts/login/{yourOrgDomain})

It will redirect you to the AWS Cognito UI login page.

Sign up:

You will get the below error. Just ignore it.

Step 11: In Cognito, check the users and groups.

Confirm the user:

Now try again to access Mule Anypoint with the SSO user.

Thanks for reading.
