Bold BI application supports adding users using the Amazon Cognito provider. By importing them, you can share the dashboards and email exported dashboards with them.
This section explains how to perform Single Sign-On for users in Amazon Cognito with the Bold BI application.
NOTE: This configuration has to be done in Amazon Cognito website.
Login to the Amazon Cognito website with an admin account and open the console and then click Manage User pool
.
Click App Clients
under General Settings
in the left side menu, and then add the application.
Save the App client name
and click on Create app client
.
Click on Show details
to know the Client Secret
.
Make use of the App client id
and App client secret
as in the following screenshot.
Click on App client settings
under App integration
in the left side menu and add the Callback URL(s)
.
The Callback URL(s)
must be the URI in the settings of your Bold BI application as in the following screenshot.
After successful registration in Amazon Cognito, save these settings in Bold BI settings page to enable this authentication.
Configure the settings in Bold BI as in the following snap to enable the authentication using Amazon Cognito.
The fields to be saved in the Bold BI to enable the Amazon Cognito for authentication is explained as below.
Provider Name | It represents the name of the authentication provider to be displayed in the login page. |
Provider Logo | It represents the logo of the authentication provider to be displayed in the login page. |
Authorization Endpoint | It should be in the format https://AUTH_DOMAIN/oauth2/authorize Please refer here for more details. |
Token Endpoint Method | POST |
Token Endpoint | It should be in the format https://AUTH_DOMAIN/oauth2/token Please refer here for more details. |
User Information Endpoint Method | GET |
User Information Endpoint | It should be in the following format https://AUTH_DOMAIN/oauth2/userinfo. Please refer here, for more details. |
Client ID | The Client ID you get after registered the Bold BI application in Amazon Cognito website. |
Client Secret | The Client Secret you get after registered the Bold BI application in Amazon Cognito website. |
Scopes | openid, profile, email |
Logout Endpoint | It is the endpoint in the Amazon Cognito website that signs the user out. |
This must be the field name, in which email will be present when deserializing the token. |
Configure group import setting in Bold BI using Cognito AWS as shown in the below image,
NOTE: Only
IAM User
can import Cognito AWS groups.
User Pool Id
and Region
can be found in general settings of your user pool in Cognito AWS console.
For generating an Access Key and Access Secret follow the link https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_CreateAccessKey