Setup Authentication Identity Provider

To enable Keyless authentication, login to your AWS Cognito dashboard and follow these steps:

• Click on Federation > Identity Providers

• Click on OpenID Connect

• Insert ClientID, Client Secret and Issuer provided to you by Keyless, and configure the rest as shown in the following picture:

• Click on Run discovery to make sure the IdP can be reached successfully

Setup Enrollment Service Provider

To let your users enroll on Keyless through AWS Cognito, follow these steps:

• Click on General Settings > App Clients

• Click on Add another app client

• Choose an app name (tipically keyless_registration) and make sure Generate client secret is checked. Leave the default values for the rest.

• Send Client ID and Client Secret to Keyless

• Your configuration should look like the following image:

• Click on App integration > App client settings

• Insert Callback URL(s) and Sign out URL(s) provided to you by Keyless

• Configure the rest as shown in the following image:

Done!