How to configure OpenID in Cognito via CLI?

[pcolmer]

Which Category is your question related to?

auth configuration

Amplify CLI Version

6.3.1

What AWS Services are you utilizing?

Cognito

Provide additional details e.g. code snippets

This is possibly/probably related to https://github.com/aws-amplify/amplify-cli/issues/8491.

Our Amplify project is using Cognito. We need to configure Cognito to support OpenID. We know how to configure it through Cognito's web interface but we need Amplify to know how to do it so that our CI/CD workflow can ensure that things are correctly & consistently configured.

At the moment, it looks like doing amplify pull then amplify push has resulted in Google and OpenID configuration getting removed from Cognito.

[PatrykMilewski]

Just for clarification, you want Cognito to integrate with OIDC using OpenID, for example Auth0/Okta etc.?

If yes, then unfortunatelly it's not possible. Amplify right now only supports a few basic OIDC integrations, like Apple and Google IdP.

Please vote for this PR to be merged, as it's already implemented, but not ready to be merged yet: https://github.com/aws-amplify/amplify-cli/pull/3409

[pcolmer]

@PatrykMilewski I have now voted for #3409. I'm hoping that if that gets merged, it will allow the configuration via a JSON block for headless mode.

However, I am still really perplexed (hence #8491) over why amplify init is needed in a CI/CD workflow rather than amplify pull to fetch the current configuration from the cloud.