feat(auth): support custom domain prefix for cognito domain in user pool #3056
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This PR adds support for custom domain prefix for cognito domain in user pool. Instead of showing a cryptic domain name to customers when they login with an external identity provider such as Google, this allows the Amplify customer to provide a domain prefix associated with their own brand. Although this doesn't resolve aws-amplify#2350, it can serve as a stop gap solution to make the login domain more trust-inspiring.
🦋 Changeset detectedLatest commit: 82c00c4 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
Currently, when leveraging external identity providers in an Amplify app, it is not allowed to specify a custom domain prefix. As a result, when app customers login with the external identity provider such as Google, they are prompted with a cryptic domain name such as
db049484d0476df65368.auth.us-east-1.amazoncognito.com. This cryptic domain name is not trust-inspiring and prevents the customers from further using the app.This PR adds support for custom domain prefix for cognito domain in user pool. Instead of the cryptic domain name, developer of the Amplify app can provide a domain prefix associated with their own brand.
Although this doesn't resolve #2350, it can serve as a stop gap solution to make the login domain more trust-inspiring.
Issue number, if available:
Changes
domainPrefixin theExternalProviderGeneralFactoryPropstype.translateDomainPrefixinpackages/backend-auth/src/translate_auth_props.tsto use custom domain prefix if it is specified.translateDomainPrefixis called intranslateToAuthConstructLoginWith.packages/backend-auth/src/translate_auth_props.test.ts.generateContainerEntryinpackages/backend-auth/src/factory.tsto remove functionality that is already covered bytranslateDomainPrefix.packages/backend-auth/src/translate_auth_props.ts.Corresponding docs PR, if applicable:
Validation
I added unit tests to cover this change. I also tested this change locally with my Amplify app.
Checklist
run-e2elabel set.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.