Administrators Menu

Where can I find XML file?

How to connect active directory to Cognito hosted UI
To be able to use this feature, first you need to access your azure portal and then click on Azure Active Directory as shown below:

Then on the sidebar to your left you need to select “Enterprise applications”. After that select “new application” and then click on “Create your own application”.

Then a sidebar will appear to your right, first write the name of your application and then on “What are you looking to do with your application?” select the third option (Non-gallery).

When you finished creating your application, in getting started flow, select the second option: “Set up single sing on”.

On the next page, you need to select SAML as your single sign on method.

On the next page inside “Basic SAML Configuration” card, as shown below, you have to fill in two required fields. The first one is “Identifier (Entity ID)” and the second one is “Reply URL (Assertion consumer service URL)”. In order to fill in those two fields click on the edit button on top right.

The input value of those fields should follow a certain format so that AWS Cognito will recognize them. Here is the format for “Identifier”: urn:amazon:cognito:sp: Here is the format for “Reply URL”: https://.auth..amazoncognito.com/saml2/idpresponse Here you can read more about these values and how to find your own “domain prefix”, “region” and “user pool ID”.

You don’t need to change anything else in your SSO application settings. At the end you have to click on the Download button in front of “Federation Metadata XML” and you are all set.