...
[meeting] with OCIO where 4 other projects are also working on
Jupyter
notebooks front-end to PCMs. The topic was raise for FN and public access to be able to sign into ADE+PCM for on-demand use. As a heads up, OCIO is recommending to not useKeycloak
and instead use AWS Cognito with some additional ELB proxies
AWS Cognito
According to this StackOverflow post:
Cognito exposes an OpenID Connect Discovery endpoint as described at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationRequest at the following location:
https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/openid-configuration
Because Cognito can be exposed as an OpenID Connect provider, a lot of what we have researched on OpenID Connect (specifically Keycloak
) can be applied in Cognito as well
but will still need to do additional research on implementation
Cognito doesn’t have clear instructions how to sync your LDAP
directory so will need to do further research. Related links:
...