AWS cognito documentation change
Summary
Updated OIDC IdP endpoint URLs to include '.auth' subdomain in domain names
Security assessment
Domain name format correction in examples without security implications
Diff
diff --git a/cognito/latest/developerguide/cognito-user-pools-oidc-idp.md b/cognito/latest/developerguide/cognito-user-pools-oidc-idp.md index d85a45fd9..599a4b624 100644 --- a/cognito/latest/developerguide/cognito-user-pools-oidc-idp.md +++ b/cognito/latest/developerguide/cognito-user-pools-oidc-idp.md @@ -78 +78 @@ Microsoft Entra ID | [OpenID Connect on the Microsoft identity platform](https: - https://mydomain.us-east-1.amazoncognito.com/oauth2/idpresponse + https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/idpresponse @@ -121 +121 @@ Under **Start URL** , enter a URL at the `/authorize` endpoint for the user pool - https://mydomain.us-east-1.amazoncognito.com/authorize?response_type=code&client_id=<your_client_id>&redirect_uri=https://www.example.com&identity_provider=CorpSalesforce + https://mydomain.auth.us-east-1.amazoncognito.com/authorize?response_type=code&client_id=<your_client_id>&redirect_uri=https://www.example.com&identity_provider=CorpSalesforce @@ -125 +125 @@ Under **Start URL** , enter a URL at the `/authorize` endpoint for the user pool - https://mydomain.us-east-1.amazoncognito.com/oauth2/idpresponse + https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/idpresponse @@ -237 +237 @@ You can create the authorization URL by using the elements from the previous two - https://mydomain.us-east-1.amazoncognito.com/oauth2/authorize?response_type=code&client_id=1example23456789&redirect_uri=https://www.example.com + https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/authorize?response_type=code&client_id=1example23456789&redirect_uri=https://www.example.com