Setting up Single Sign In using Cognito to Quicksight

Hi I’m looking for a up to date way for users to sign into Quicksight from Cognito, without being asked again by Quicksight to sign in.

There are some code examples some out of date and some that require using react. I’m using just plain JavaScript/Jquery no web framework and can’t really find much. How should I go about creating this? The only up to date tutorials I can find are unfortunately paywalled on medium.

Older link using amplify - this is good but for react - also might be out of date with some of the new QS API operations

This stackoverflow post is pretty much exactly what I’m looking for - I didn’t write it

I’d like to avoid using EC2 and just pass things like via oauth tokens and account id’s via serverless function to the users browser, the below link is a very good tutorial, but I need to get the user account ID from Quicksight as well so I can list their dashboards and what not and embed dashboards.
Reduce risk by implementing HttpOnly cookie authentication in Amazon API Gateway | AWS Security Blog.

So essentially I’m just looking for a serverless way create a single sign on for users to Quicksight. This is not part of the question but my plan is to handle Quicksight account assignment separately. Users must pay to get an account, which I’m handling via Stripe. I have a script that just checks which users have paid and for what tier and assign the users respective QS account that way via their email, which I then need to attach to cognito some how.

Hello @Sean_B !

Have you tried the solution from this post?:

@duncan Yes I have checked out that post my use case is a little different which is why I haven’t tried it yet. For point 2. a user could be signed in and have a Cognito account but not have a Quicksight account / still need to pay to sign up for one.

Let me give it a try today following @ArunSanthosh answer.

@duncan @ArunSanthosh Can I use the Cognito hosted page for this? I’m attempting this from scratch with a new Cognito pool. Would this work as an intermediary page?

Any help with this? I feel like this is a question a lot of people have @ptka 's question looks to be the most viewed on the QS community.

I’ve found this repo, but it looks to be old / inactive none of the newer issues have been answered and looks like the code might be problematic now. It’d be nice if there was an updated version of the above repo or confirmation to whether the above still works.

For me currently I’m using the hosted UI which returns a code in the URL as a query parameter after successful login. From there I’m not sure how to use it to talk to QS for SSO.

Hey @Sean_B, I’m sorry about the late reply, I was OOO recently and have been catching up on old messages.

You can try using this Quicksight Embedded Analytics Developer Portal. Go to the “How To Embed It” section and follow the steps under Get Embedding URL. You’ll want to download that in the language you want to use and then use this with your Lambda.

1 Like

@duncan no worries I’m still trying to work through this. The embedding piece I get I’m having a hard time figuring out how to create a fluid serverless auth flow to Cognito + Quicksight.

1 Like

Hey @Sean_B, no problem! As of right now this is the only way I can find to make cognito work for this use case. I will mark this as a feature request for the Quicksight team.

In the meantime if you find the solution you were looking for please feel free to post it here to add to the community!