You can integrate Commerce with Amazon Cognito, This allows you to offer your customers or business users Single Sign-on (SSO) using Amazon Cognito credentials instead of Commerce credentials. When you create an Amazon Cognito integration, an Amazon Cognito user pool is created. Your customers can then sign-in directly using the user pool.
Collect the following Amazon credentials. See Create an AWS access key.
| Amazon Cognito Connection | Description |
|---|
| Access Key ID | Your AWS Access Key ID. |
| Secret Access Key | Your AWS Secret Access Key. |
The component has the following actions.
| Input | Type | Description |
|---|
| Connection | connection | AWS connection. |
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool Request | code | The API request to create a user pool. See CreateUserPool. |
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool Request | code | The API request to create your user pool client. See CreateUserPoolClient. |
Create User Pool Domain
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool Request | code | The API request to create a user pool. See CreateUserPool. |
| Domain Name | string | The domain name you want to use for your user pool. It must be unique. We recommend that your domain name is alphanumeric and you only use the - special character. The domain is in the format of https://<domain_prefix>.auth.<region>.amazoncognito.com. For example, if your domain name is elasticpath-commerce-cloud and your AWS region is us-east-1 then your login URL is elastic-path-commerce-cloud.auth.us-east-1.amazoncognito.com. The Amazon Cognito Integration creates a subdomain within an Amazon Cognito domain. If you want to use your business domain, then you must configure this directly in Amazon Cognito. |
| Custom Domain Certificate ARN | string | The SSL certificate for your custom domain. You can use Amazon Cognito to change the certificate that you applied to your custom domain. Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically. However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito. |
Delete User Pool Domain
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool ID | string | The ID of your user pool. |
| Domain Name | string | The domain name you want to use for your user pool. It must be unique. We recommend that your domain name is alphanumeric and you only use the - special character. The domain is in the format of https://<domain_prefix>.auth.<region>.amazoncognito.com. For example, if your domain name is elasticpath-commerce-cloud and your AWS region is us-east-1 then your login URL is elastic-path-commerce-cloud.auth.us-east-1.amazoncognito.com. The Amazon Cognito Integration creates a subdomain within an Amazon Cognito domain. If you want to use your business domain, then you must configure this directly in Amazon Cognito. |
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool ID | string | The ID of your user pool. |
| Domain Name | string | The domain name you want to use for your user pool. It must be unique. We recommend that your domain name is alphanumeric and you only use the - special character. The domain is in the format of https://<domain_prefix>.auth.<region>.amazoncognito.com. For example, if your domain name is elasticpath-commerce-cloud and your AWS region is us-east-1 then your login URL is elastic-path-commerce-cloud.auth.us-east-1.amazoncognito.com. The Amazon Cognito Integration creates a subdomain within an Amazon Cognito domain. If you want to use your business domain, then you must configure this directly in Amazon Cognito. |
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool ID | string | The ID of your user pool. |
| AWS Cognito User Pool Client ID | string | The ID of your client user pool. |
Describe User Pool Domain
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| Domain Name | string | The domain name you want to use for your user pool. It must be unique. We recommend that your domain name is alphanumeric and you only use the - special character. The domain is in the format of https://<domain_prefix>.auth.<region>.amazoncognito.com. For example, if your domain name is elasticpath-commerce-cloud and your AWS region is us-east-1 then your login URL is elastic-path-commerce-cloud.auth.us-east-1.amazoncognito.com. The Amazon Cognito Integration creates a subdomain within an Amazon Cognito domain. If you want to use your business domain, then you must configure this directly in Amazon Cognito. |
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| Max Result | string | The maximum results. |
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool ID | string | The ID of your user pool. |
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool Request | code | The API request to update your user pool. See UpdateUserPool. |
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool Client Request | code | The API request to update your user pool client. See UpdateUserPoolClient. |
Update User Pool Domain
| Input | Type | Description |
|---|
| AWS Region | string | AWS provides services in multiple regions, like us-west-2 or eu-east-1. AWS region indicates the region in which your buckets are stored. |
| AWS Cognito User Pool Request | code | The API request to update your user pool. See UpdateUserPool. |
| Domain Name | string | The domain name you want to use for your user pool. It must be unique. We recommend that your domain name is alphanumeric and you only use the - special character. The domain is in the format of https://<domain_prefix>.auth.<region>.amazoncognito.com. For example, if your domain name is elasticpath-commerce-cloud and your AWS region is us-east-1 then your login URL is elastic-path-commerce-cloud.auth.us-east-1.amazoncognito.com. The Amazon Cognito Integration creates a subdomain within an Amazon Cognito domain. If you want to use your business domain, then you must configure this directly in Amazon Cognito. |
| Custom Domain Certificate ARN | string | The SSL certificate for your custom domain. You can use Amazon Cognito to change the certificate that you applied to your custom domain. Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, and your custom domain uses the new certificate automatically. However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide this ARN to Amazon Cognito. |