Query: Tenant selection

[kskishore]

Hi,

Note: This is not an issue. Just want to confirm one additional aspect. Please do let me know if I need to raise such requests in any other forum.

I have started using this bootcamp implementation, by making few changes to authentication as per our needs.

Changes:
Instead of /auth endpoint validating UN/PWD and return tokens; my endpoint just validates UN, identifies which Tenant user belongs to, and returns Pool details (Userpool Id, AppClientId. IdPool Id). Client receives these details and uses Amplify to configure the Auth, and starts UN/PWD flow.

Reason for this change is, we can have either of (not both at the same time) the following situations:

1. User email exists in two Tenants, so this implementation would help me to display a UI to choose which Tenant user wants to login to, and accordingly initiate authentication based on the Tenant selected.
2. If Federation Authentication is configured to a Tenant, then this implementation would help me to not to enforce PWD, and redirect to respective IdP from client.

Query:

1. Auth endpoint is unauthenticated and revealing the details (Userpool Id, AppClientId. IdPool Id). Is it OK to reveal such details?
2. Is there any other way that I can achieve similar requirements (1 & 2 above)?

Thanks in advance for any help.
Sai Koya

[Translucent504]

@kskishore have you had any progress with your queries? I am implementing something very similar and have come up with the same questions.