Cognito migration in Arc XP Identity
Arc XP Subscriptions lets you migrate Cognito user accounts into Arc XP Identity. This migration is carried out for each end-user, each time a user asks to log into the system.
Set up Cognito SignIn provider
To start the migration process, you must first configure Cognito as a SignIn provider. The Arc XP Subscriptions team configures Cognito for you. To request this, you must provide the following values from the AWS Cognito console:
- apiKey: the Cognito user pool clientID
- publicKey: userPoolId
We recommend working with your Technical Account Manager and support team to make this configuration.
Check the password requirements in Arc XP Identity.
Password requirements must be the same between Cognito and Arc XP.
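One way to check the requirement above before enabling the migration, as an added example that is not Arc XP's own tooling: it compares the PasswordPolicy block returned by `aws cognito-idp describe-user-pool` with the Arc XP Identity requirements. The Arc XP side is a hypothetical dictionary (key names and per-class minimum counts are assumptions), and both sample inputs are constructed.

```python
import json

# Constructed sample: the PasswordPolicy portion of the output of
# `aws cognito-idp describe-user-pool --user-pool-id <userPoolId>`.
COGNITO_SAMPLE = json.loads("""
{"UserPool": {"Policies": {"PasswordPolicy": {
  "MinimumLength": 8, "RequireUppercase": true, "RequireLowercase": true,
  "RequireNumbers": true, "RequireSymbols": false}}}}
""")

# Hypothetical representation of the Arc XP Identity password requirements:
# a minimum length plus a minimum count per character class. These key names
# are assumptions for this example; copy the real values from your settings.
ARC_SAMPLE = {"min_length": 8, "uppercase": 1, "lowercase": 1,
              "numbers": 1, "symbols": 1}

# Cognito boolean flag -> hypothetical Arc XP count key
CLASS_MAP = {
    "RequireUppercase": "uppercase",
    "RequireLowercase": "lowercase",
    "RequireNumbers": "numbers",
    "RequireSymbols": "symbols",
}

def policy_mismatches(describe_user_pool, arc):
    """Return human-readable differences; an empty list means the rules match."""
    policy = describe_user_pool["UserPool"]["Policies"]["PasswordPolicy"]
    diffs = []
    if policy.get("MinimumLength") != arc.get("min_length"):
        diffs.append(f"min length: Cognito={policy.get('MinimumLength')} "
                     f"Arc XP={arc.get('min_length')}")
    for flag, key in CLASS_MAP.items():
        required = bool(policy.get(flag, False))
        count = int(arc.get(key, 0))
        if count > 1:
            # Cognito can only require "at least one" character of a class.
            diffs.append(f"{key}: Arc XP requires {count}, "
                         f"Cognito cannot express more than 1")
        elif required != (count == 1):
            diffs.append(f"{key}: Cognito {flag}={required} Arc XP minimum={count}")
    return diffs

if __name__ == "__main__":
    for line in policy_mismatches(COGNITO_SAMPLE, ARC_SAMPLE) or ["policies match"]:
        print(line)
```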
Migrate user accounts
This migration occurs for each end-user, each time a user asks to log into the system.
Each time a user asks to log into the system (by calling POST /identity/public/v1/auth/login), we evaluate two scenarios:
- If this user account (username) already exists in Arc XP Identity and the password is valid, the user is logged in to the Arc XP system.
- If the user account (username) doesn’t exist in Arc XP Identity, POST /identity/public/v1/auth/login checks whether this account exists in AWS Cognito. If it does, a new user account is created in Arc XP Identity with the information from AWS Cognito (that is, the account is migrated), and the user is logged in to the Arc XP system.
The user accounts migrated from Cognito must have an attribute (key: Cognito User, value: Yes).
If the user account doesn’t exist in either Arc XP or AWS Cognito, the user must request SignUp.