Social IdP Configuration: Important Information | Exam SC-C01

Social IdP Configuration

Question

You're developing a mobile application utilizing third-party social network IdP.

What pieces of information below are required to configure a social IdP correctly? (Select THREE)

Answers

A. SAML Assertion

B. App Client ID

C. OIDC Token

D. App Client Secret

E. List of scopes

F. Set of claims

Answer: B, D, and E.

Option A is incorrect because SAML Assertions are used with the SAML identity provider (IdP).

Option B is CORRECT because you must register the mobile application with the social identity provider (IdP).

This process creates a client App ID and App Secret within the social IdP.

Option C is incorrect because OIDC tokens are used as part of the OpenID Connect authentication flow to assert the identity of a user.

Option D is CORRECT because you must register the mobile application with the social identity provider (IdP). This process creates a client App ID and App Secret within the social IdP.

Option E is CORRECT because you must provide a list of scopes that you want to authorize your application to access.

Option F is incorrect because claims represent information about a user.

To configure a user pool social identity provider, you need to:

Choose a social identity provider: Facebook, Google, or Login with Amazon.

Type the app client ID and app client secret that you received from the social identity provider.

Type the names of the scopes that you want to authorize.

Scopes define which user attributes (such as name and email) you want to access with your app.

For Facebook, these should be separated by commas.

For Google and Login with Amazon, they should be separated by spaces.

Reference:

https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-social-idp.html
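The configuration steps above, as an added example that is not part of the original page: a Python helper that assembles the parameters for Cognito's CreateIdentityProvider call, applies the per-provider scope separator, and produces a copy with the secret masked for logging. The function names, the user pool ID, and the client ID and secret values are constructed placeholders.

```python
# Added example: builds (but does not send) a CreateIdentityProvider request.
# Facebook takes comma-separated scopes; Google and Login with Amazon take spaces.
SCOPE_SEPARATOR = {"Facebook": ",", "Google": " ", "LoginWithAmazon": " "}


def build_social_idp_request(user_pool_id, provider, client_id, client_secret, scopes):
    """Validate the three required inputs and return the API parameters."""
    if provider not in SCOPE_SEPARATOR:
        raise ValueError(f"unsupported social IdP: {provider!r}")
    if not client_id or not client_secret:
        raise ValueError("app client ID and app client secret are both required")
    cleaned = [s.strip() for s in scopes if s and s.strip()]
    if not cleaned:
        raise ValueError("at least one scope is required")
    for scope in cleaned:
        # A separator inside one scope name would silently change the scope list.
        if "," in scope or any(ch.isspace() for ch in scope):
            raise ValueError(f"scope {scope!r} contains a separator character")
    cleaned = list(dict.fromkeys(cleaned))  # drop duplicates, keep order
    return {
        "UserPoolId": user_pool_id,
        "ProviderName": provider,  # social IdPs use the provider type as the name
        "ProviderType": provider,
        "ProviderDetails": {
            "client_id": client_id,
            "client_secret": client_secret,
            "authorize_scopes": SCOPE_SEPARATOR[provider].join(cleaned),
        },
    }


def redacted(request):
    """Return a copy that is safe to log: the client secret is masked."""
    details = dict(request["ProviderDetails"], client_secret="***")
    return dict(request, ProviderDetails=details)


if __name__ == "__main__":
    # Constructed placeholder values; load the real secret from a secret store.
    req = build_social_idp_request(
        "us-east-1_EXAMPLE", "Google", "example-client-id", "example-secret",
        ["openid", "email", "profile"],
    )
    print(redacted(req))
    # To apply it: boto3.client("cognito-idp").create_identity_provider(**req)
```
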

When configuring a social IdP for a mobile application, the following pieces of information are required:

A. SAML Assertion: This is a security token that contains information about the user and is issued by the IdP after successful authentication. It's typically used in SAML-based authentication protocols, and it helps the mobile application to verify the identity of the user.

B. App Client ID: This is a unique identifier that's assigned by the IdP when the mobile application is registered. It's used to identify the mobile application to the IdP when requesting authentication or authorization.

C. OIDC Token: OIDC stands for OpenID Connect, and it's a standard protocol for authentication and authorization. An OIDC token is issued by the IdP after successful authentication, and it contains information about the user, such as their email address or username. This token can be used to authenticate the user to the mobile application.

D. App Client Secret: This is a secret key that's assigned by the IdP when the mobile application is registered. It's used to authenticate the mobile application to the IdP when requesting authentication or authorization.

E. List of scopes: Scopes define the level of access that the mobile application is requesting from the IdP. For example, a scope may allow the mobile application to read the user's profile information, but not their email address.

F. Set of claims: Claims are pieces of information about the user that are included in the SAML assertion or OIDC token. For example, a claim may include the user's name or email address.

Therefore, the correct answers are A, B, and E, as the mobile application needs to provide its App Client ID, the IdP needs to provide a SAML Assertion, and the mobile application needs to specify a list of scopes.