SSO with Cognito and Amplify + Angular

Question

This could be a duplicate question but I'm not able to resolve it.

We have three websites running on Angular 10:

sso.mywebsite.com

dev.mywebsite.com

demo.mywebsite.com

When somebody comes to dev or demo site, they click on login icon and redirects to sso.mywebsite.com. There user is authenticated with Cognito using Amplify + Angular.

Now the user is redirected back to the dev or demo site from where login was initiated. Here if the user is already authenticated from sso website, s/he should be redirected to the main pages of website which is not happening.

After some research on the internet, I found that Amplify should be able to load authentication data if cookieStorage is defined something like this in Angular:

export const environment = {
  AMPLIFY: {
    region: 'us-east-2',
    userPoolId: 'us-east-2_xxxxxx',
    authenticationFlowType: 'USER_PASSWORD_AUTH',
    userPoolWebClientId: '2xxx6j8xxxx1u2dixxxxnge',
    cookieStorage: {
      domain: 'mywebsite.com',
      secure: false,
      path: '/',
      expires: 365,
    }
  }
};

The cookieStorage settings are same in all three websites. But Amplify still cannot read authentication data. What am I doing wrong here?

Answer 1

I fixed this with following settings:

Set .mywebsite.com instead of mywebsite.com

export const environment = {
  AMPLIFY: {
    region: 'us-east-2',
    userPoolId: 'us-east-2_xxxxxx',
    authenticationFlowType: 'USER_PASSWORD_AUTH',
    userPoolWebClientId: '2xxx6j8xxxx1u2dixxxxnge',
    cookieStorage: {
      domain: '.mywebsite.com',
      secure: false,
      path: '/',
      expires: 365,
    }
  }
};