Can I use AWS Cognito authenticate for Rstudio Server Pro?

I have been searching documentation about how can I use AWS Cognito authentication for my Rstudio Server pro ? but I couldn`t Find any of related documentation on internet . IS there any process that we could authenticate rstudio server pro without using PAM , Google , and proxied authentication . IF i could call json File from my S3 bucket using Centos than I think i can Do . Can any one help me to call my json file from s3 buckets.

AWS Cognito supports standard protocols such as SAML 2.0 and OpenID Connect. These are currently not supported in RStudio Server Pro, though this might change in the future. For now you can use proxied auth. I have seen customers succesfully use https://github.com/oauth2-proxy/oauth2-proxy and https://github.com/latchset/mod_auth_mellon.

1 Like

Thank you so much . I really appreciate that .I Will study these links .
sir , Can we Bypass the login Page of rstudio server pro using Ldap(cognito) ?

You can bypass the login page for RStudio Server Pro by using proxied auth, but not when using LDAP/AD. In that case you would integrate the underlying Linux server with the AD domain, c.f. https://docs.rstudio.com/rsp/configuration/authentication/active-directory/, and typ in your username and password at the login page.

BTW, one advantage of the LDAP/AD integration is user provisioning. With proxied auth you have to make sure the required users exist on the Linux system. With the LDAP/AD server integrated into PAM, the user creation can be automated.

1 Like

#veryImportant
Can`t we do sso using apache centos and bypass login using LDAP (cognito) .?
I had tried the proxied authentication method and used this

auth-proxy=1
auth-proxy-sign-in-url=http://example.com/sign-in

this will redirect to my login page that good but when i login to my login page than it again show my login page i couldn`t login to my rstudion .
i want to make sure that can we make sso with apache server . Today is my last day for research and i have to tell my customer that It will be ok or not . thankyou for being available everytime .

Most likely your authentication proxy does not forward the username header, c.f. https://docs.rstudio.com/ide/server-pro/authenticating-users.html#implementing-the-proxy.

1 Like

Can`t we do sso using apache centos and bypass login using LDAP (cognito) .?
when i tried i got 502 bad gateway error

Can you please be more specific with your questions? What do you mean by "apache centos"? What have you tried that resulted in a "502 bad gateway error"?

In order to help you, I need a clear description of what you are trying to achieve, what you have done so far, which result you expected, and what the actual result was.

1 Like

I had been following this article https://heartbeats.jp/hbblog/2017/08/mod-auth-openidc-google.html . I am trying to do OpenID connect and single sign on in reserve using httpd(apache server ) .
after finishing everything and when I try to check I got an error of 502 ( bad gateway )

Unfortunately I cannot read that page, so I am not sure what you have done. Are you sure that the username is sent in the correct HTTP header? Does that user exist on the Linux system?

BTW, for proxied auth with OpenID Connect I had good success with using https://github.com/oauth2-proxy/oauth2-proxy. Much easier to configure than Apache.