FR(Authenticator) Login with Custom SAML provider

[rwilliams3088]

Before creating a new issue, please confirm:

• I have searched for duplicate or closed issues and discussions.
• I have tried disabling all browser extensions or using a different browser
• I have tried deleting the node_modules folder and reinstalling my dependencies
• I have read the guide for submitting bug reports.

On which framework/platform are you having an issue?

React

Which UI component?

Authenticator

How is your app built?

Webpack 5

What browsers are you seeing the problem on?

Chrome, Firefox

Which region are you seeing the problem in?

us-east-1

Please describe your bug.

I have configured my Cognito User Pool to use Google Workspace as my SAML Idp. However, attempts to login via the Authenticator fail. I have attempted to specify my "googleworkspace" idp as the provider for the Amplify Authenticator to use, but I get an error in the console: Authenticator does not support googleworkspace. Please open an issue: https://github.com/aws-amplify/amplify-ui/issues/choose

What's the expected behaviour?

I can login with my SAML provider

Help us reproduce the bug!

Try to configure the Amplify Authenticator to login with a SAML provider

Code Snippet

Amplify.configure({
  Auth: {
    Cognito: {
      //  Amazon Cognito User Pool ID
      userPoolId: 'us-east-1_XXXXXXX',

      // OPTIONAL - Amazon Cognito Web Client ID (26-char alphanumeric string)
      userPoolClientId: 'myUserPoolClientId',

      loginWith: {
        // OPTIONAL - Hosted UI configuration
        oauth: {
          domain: 'https://my-domain.auth.us-east-1.amazoncognito.com',
          scopes: [
            'phone',
            'email',
            'profile',
            'openid',
            'aws.cognito.signin.user.admin'
          ],
          providers: ['GoogleWorkspace' as any],

          redirectSignIn: ['http://localhost:3000/'],

          redirectSignOut: ['http://localhost:3000/'],

          responseType: 'code'
        }
      }
    }
  }
});

Console log output

Authenticator does not support googleworkspace. Please open an issue: https://github.com/aws-amplify/amplify-ui/issues/choose

Additional information and screenshots

No response

[esauerbo]

Hi @rwilliams3088, the provider name should be Google instead of GoogleWorkspace. You could also just input the amplifyconfiguration.json file (which is auto-generated when you configure auth with Amplify, so is generally less error-prone), like so:

import awsConfig from './path-to-amplifyconfiguration.json'
Amplify.configure(awsConfig)

Let us know if this addresses your issue!

[rwilliams3088]

Hi @rwilliams3088, the provider name should be Google instead of GoogleWorkspace. You could also just input the amplifyconfiguration.json file (which is auto-generated when you configure auth with Amplify, so is generally less error-prone), like so:

import awsConfig from './path-to-amplifyconfiguration.json'
Amplify.configure(awsConfig)

Let us know if this addresses your issue!

Except that it is configured in Cognito as a SAML Idp with the name "googleworkspace" (it does not accept any old gmail account). Also, I didn't see anything in yarn amplify init that would allow me to configure it to work with a SAML provider, just the standard social media options. I also plan to add support for Azure later on, also as a SAML Idp.

[esauerbo]

Gotcha. At this time the Amplify authenticator doesn't support custom SAML identity providers. Here's the Amplify documentation that shows how to set up social sign in with one of the default providers. I'll mark this as a feature request and we will consider this in our roadmap planning. If others are interested, please thumbs up this issue.

[esauerbo]

@rwilliams3088 looks like we already have an issue tracking this feature request #1152! I'm gonna close this as a duplicate but definitely thumbs up/comment on that one if you have a specific use case not already covered.