I am using AWS Cognito and Amplify. Through Cognito, I am using Google as a federated identity provider. How can I configure it so that only users with email addresses with a specific domain can sign-in through Google? And is it possible to specify two different domains?
Asked
Active
Viewed 352 times
1 Answers
0
You can customize the Cognito authentication workflow by adding Lambda Triggers. In this case I'd suggest looking at a Pre-Authentication Trigger. Your Lambda function could check the email domain and return an error if it doesn't match those in your list of accepted domains.
bwest
- 9,182
- 3
- 28
- 58