Documentation Index
Fetch the complete documentation index at: https://docs.cognite.com/llms.txt
Use this file to discover all available pages before exploring further.
PrerequisitesMake sure that you have already registered the Cognite API and the Cognite Data Fusion application in Amazon Cognito.
Create a service account in Amazon Cognito
Sign in to the Amazon Cognito
Sign in to the Amazon Cognito console as an admin. If prompted, enter your AWS credentials.
Select a user pool
Select User Pools and select an existing user pool from the list, or create a user pool.
Create an app client
- Under App client list, select Create app client.
- Under App type, select Confidential client.
- Enter an App client name.
- Under Client secret, select Generate a client secret.
- Under Authentication flow, select ALLOW_REFRESH_TOKEN_AUTH. Keep the default settings for the remaining fields under Authentication flows.
- Under Hosted UI settings, set Allowed callback URLs to https://cognitedata.com.
- In Identity providers, select Cognito user pool.
- In OAuth 2.0 grant types, select Client credentials.
- In Custom scopes, select https://cognitedata.com/user_impersonation and https://{{cluster}}.cognitedata.com.
- At the bottom of the page, select Create app client.
Copy the Client ID
Copy and make a note of the Client ID. You’ll use this name to add the service account as a member to a CDF group.
Add a service account to a new CDF group
To add an Amazon Cognito service account to a new group in Cognite Data Fusion:Sign in to Cognite Data Fusion
Sign in to Cognite Data Fusion as an admin.
Configure the group
- Enter a Unique name for the group and Add capabilities.
- Under Members, select Externally managed.
- In the Source ID field, enter the Client ID you copied from Amazon Cognito in the previous section.