AWS Cognito


  • AWS Cognito user pool

  • SSO enabled in Mitzu


  1. Login to Mitzu and navigate to the 'Manage organisation' page. Once SSO is enabled the details of the integration can be configured:

  2. Open the AWS Console and create a new app client to your AWS Cognito user pool, with the following settings:

    • Auth type: Confidential client

    • Allowed callback URLs: copy the entire value of the Redirect URL input from the Mitzu SSO settings

    • OAuth 2.0 grant types: Authorization code grant

    • OpenID connect scopes: Email must be selected

  3. Configure the client settings on the Mitzu SSO page

    • Client ID, Client Secret values can be found on the app client settings page

    • Pool ID, AWS Region and AWS Cognito signing domain can be found on the user pool settings page

  4. Click save

  5. In a different browser (or in an incognito window) verify the login flow. If it is not working as expected then please supervise your settings or contact Mitzu Support.

Last updated