Single Sign-On (SSO) with Amazon Cognito authentication in Bold Reports®

Users can be added to the Bold Reports® application using the Amazon Cognito provider. By importing them, administrators can share the reports and email exported reports to them.

How to register the Bold Reports® application in Amazon Cognito

This section explains how to perform Single Sign-On for users in Amazon Cognito with the Bold Reports® application.

Note: This configuration has to be done on the Amazon Cognito website.

Prerequisites

  • An admin account in Amazon Cognito.
  • A user pool in Amazon Cognito.
  • Install the Bold Reports® application.

Steps to register the Bold Reports® application

  1. Login to the Amazon Cognito website with an admin account, open the console, and then click Manage User pool. Click Manage User Pool

  2. Click App Clients under General Settings in the left-side menu, and then add the application. Click App Client

  3. Save the App client name and click Create app client. Create App Client

  4. Click on Show Details to know the Client Secret. Cognito Client Secret

  5. Utilize the App client id and App client secret as shown in the following screenshot. Congnito Credential

  6. Click on App client settings under App integration in the left-side menu and add the Callback URL(s). Congnito Call Back URL

  7. The callback URL(s) must be the URI in the settings of your BoldReports application, as shown in the following screenshot. Login Redirect URI

After successful registration in Amazon Cognito, save these settings in the BoldReports settings page to enable this authentication.

Enable Amazon Cognito authentication in Bold Reports®

Configure the settings in Bold Reports® as in the following snap to enable the authentication using Amazon Cognito. Configure BoldReports

The fields required to enable Amazon Cognito for authentication in Bold Reports® are explained below.

Provider Name It represents the name of the authentication provider to be displayed on the login page.
Provider Logo It represents the logo of the authentication provider to be displayed on the login page.
Authorization Endpoint It should be in the format https://AUTH_DOMAIN/oauth2/authorize. Please refer here for more details.
Token Endpoint Method POST
Token Endpoint It should be in the format https://AUTH_DOMAIN/oauth2/token. Please refer to the AWS Cognito Token Endpoint Guide for more details.
User Information Endpoint Method GET
User Information Endpoint It should be in the format https://AUTH_DOMAIN/oauth2/userinfo. Please refer to the AWS Cognito UserInfo Endpoint Guide for more details.
Client ID The Client ID is obtained after registering the Bold Reports® application on the Amazon Cognito website.
Client Secret The Client Secret is obtained after registering the Bold Reports® application on the Amazon Cognito website.
Scopes openid, profile, email
Logout URI It is an endpoint that logs out the third-party provider.
Email This must be the email of an admin account on the Amazon Cognito website.