This project is intended to run from AWS Amplify, using Cognito as the log in mechanism with users configured to have specialized groups representing their Call Center permissions for various AWS Connect instances. This works in concert with the Lambda defined for generating SAML Responses for Connect. Then, once a user logs in to Cognito, this site should help them (within zero to two clicks) get federated and logged in to their desired Connect instance.
This site relies on some environment variables:
-
NEXT_PUBLIC_SAML_GENERATION_URLThe URL for the APIGateway connection to the SAML Response generating Lambda mentioned above
-
NEXT_PUBLIC_COGNITO_HOSTED_UI_URLThe base URL for the Hosted UI Cognito sign-in page associated with this User Pool's application (the current working User Pool is "Cognito for Connect Call Centers" (ID: us-east-1_AZyvZQdFN) and the "App integration" client is "Amplify App")
-
NEXT_PUBLIC_COGNITO_CLIENT_IDThe Client ID of the App Integration - App Client (from the "Amplify App" client)
-
NEXT_PUBLIC_COGNITO_REDIRECT_URIThe URL of this web app
Note: This must be configured here as well as inside Cognito, in the User Pool, in the App client, under "Hosted UI", under "Allowed callback URLs", and it should also be reflected in the Invitation Message under "Messaging"
-
NEXT_PUBLIC_SSO_DEFAULT_DURATIONThe session duration to use for the SSO session requested by the generated SAML (in seconds)
-
NEXT_PUBLIC_AWS_SAML_ENDPOINTThe SAML endpoint for Connect SSO sessions (should be "https://signin.aws.amazon.com/saml")
This is a Next.js project bootstrapped with
create-next-app.
See The Inside Story for more information about all the random hurdles and gotchas that were overcome in order to get this working.