hydden.docs

# Creating an AWS OpenID Provider

  1. On the OpenID Provider page, click + Add Provider.


  2. From the Provider drop-down, select Amazon.
  3. Enter a Name. This is a required field and it can be used as the sign-in URL for your tenant.

    To use the name of the configured authentication provider as the sign-in page identifier in the sign-in URL, enable the Sign-in Page URL switch. This gives your organization its own sign-in page that lists only the authentication provider(s) configured for it.

    • Generic sign-in URL: https://portal.hydden.com/signin/
    • Customized sign-in URL for your tenant: https://portal.hydden.com/signin/<your sign-in page identifier>
  4. In the Client ID field, enter the identifier of your authentication provider app.
  5. In the Client Secret field, enter the server address for your authentication provider app.
  6. In the Issuer field, enter the authentication issuer. This field takes the URL of the authentication provider. It is prefilled with https://cognito-idp.{region}.amazonaws.com/{userPoolId} based on the selected provider; replace {region} and {userPoolId} with your own AWS region and Cognito user pool ID.
  7. The Issuer URL field is optional if the required Issuer field contains the authentication provider URL (see previous step).
  8. From the Auth Style drop-down, keep the selection as Auto Detect.
  9. From the Switch Prompt drop-down, select either login or select_account.
  10. Use the Order field to specify the position in which this authentication provider appears on the sign-in page when more than one provider is configured. This is an optional field; if it is not set and more than one authentication provider is configured, the providers are displayed in alphabetical order.
  11. In the Redirect URL field, enter the URL the user is sent to after the authentication process completes. This is an optional field. By default, the user is placed into your default tenant address, which can be a different destination in multi-tenant setups.


  12. Click Add.
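The values entered in steps 3, 6 and 7 are easy to get subtly wrong (a user pool from a different region than the one typed into the issuer, a trailing slash, a sign-in identifier that is not URL-safe), and a mismatch only shows up as failed logins later. The following is an added example, not Hydden's or AWS's code, of pre-flight checks for those fields. It assumes the Cognito issuer template shown above, the generic sign-in URL shown above, and an assumed (not page-stated) format for AWS regions and Cognito user pool IDs; the token payload it checks is a constructed sample.

```python
"""Added example (not part of the Hydden documentation): sanity checks for the
Issuer, Issuer URL and sign-in page identifier values used in the form above.
Standard library only."""
import re
from urllib.parse import quote

ISSUER_TEMPLATE = "https://cognito-idp.{region}.amazonaws.com/{userPoolId}"
GENERIC_SIGNIN_URL = "https://portal.hydden.com/signin/"

# Assumed formats (not stated on the page): a region such as "us-east-1",
# and a Cognito user pool ID of the form "<region>_<alphanumeric id>".
REGION_RE = re.compile(r"^[a-z]{2}(?:-[a-z]+)+-\d+$")
POOL_ID_RE = re.compile(r"^(?P<region>[a-z]{2}(?:-[a-z]+)+-\d+)_[A-Za-z0-9]+$")


def build_issuer(region: str, user_pool_id: str) -> str:
    """Fill in the prefilled issuer template, refusing inconsistent input.

    The configured issuer has to equal the `iss` claim in the provider's ID
    tokens character for character, so a pool ID whose embedded region does
    not match the region given here is rejected instead of silently used."""
    if not REGION_RE.match(region):
        raise ValueError(f"unexpected region format: {region!r}")
    match = POOL_ID_RE.match(user_pool_id)
    if not match:
        raise ValueError(f"unexpected user pool ID format: {user_pool_id!r}")
    if match.group("region") != region:
        raise ValueError("user pool ID belongs to a different region than the one given")
    return ISSUER_TEMPLATE.format(region=region, userPoolId=user_pool_id)


def discovery_url(issuer: str) -> str:
    """Location of the OIDC discovery document derived from the issuer.
    This is why the Issuer URL field can stay empty once the Issuer field
    holds the provider URL."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"


def issuer_matches(token_payload: dict, configured_issuer: str) -> bool:
    """Exact string comparison between a token's `iss` claim and the
    configured issuer, as OIDC ID token validation requires. A trailing
    slash or a different scheme is a mismatch, not a near miss."""
    return token_payload.get("iss") == configured_issuer


def tenant_signin_url(identifier: str) -> str:
    """Build the customized sign-in URL from the sign-in page identifier,
    requiring it to be non-empty and URL-safe so it round-trips unchanged."""
    if not identifier or quote(identifier, safe="") != identifier:
        raise ValueError("sign-in page identifier must be non-empty and URL-safe")
    return GENERIC_SIGNIN_URL + identifier


if __name__ == "__main__":
    # Constructed sample values; not real tenant or pool identifiers.
    issuer = build_issuer("us-east-1", "us-east-1_Example123")
    print("issuer:       ", issuer)
    print("discovery:    ", discovery_url(issuer))
    sample_payload = {"iss": issuer, "sub": "constructed-subject"}
    print("iss matches:  ", issuer_matches(sample_payload, issuer))
    print("iss w/ slash: ", issuer_matches({"iss": issuer + "/"}, issuer))
    print("sign-in URL:  ", tenant_signin_url("acme-corp"))
```

Run it as-is to see the derived issuer, discovery URL and tenant sign-in URL for the constructed values; swap in your own region, pool ID and identifier before filling in the form.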