AWS Cognito Directory Integration with Thunai

You can integrate your AWS Cognito directory with Thunai to automatically sync users. Once synced, users will appear in the Thunai Directory module, where you can manage them for features like access restrictions in agents.

Before You Begin

  • Make sure you are logged in with your Thunai Admin credentials.
  • Have access to your AWS Account with Cognito User Pool.

Keep the following details ready:

  • Access Key ID
  • Secret Access Key
  • Region
  • User Pool ID

Steps to Connect AWS Cognito Directory

Step 1: Configuration

  1. Log in to your Thunai Admin portal.
  2. Select the tenant where you want to sync the directory.
  3. Navigate to Settings > Directory, then click Directory Sync.
  4. Click Add Directory and choose AWS Cognito.

Enter the following details:

  • Access Key ID*
  • Secret Access Key*
  • Region* (example: us-east-1 )
  • User Pool ID* (example: us-east-1_XXXXXXX )

(Optional) Enable Auto Deletion for Users:

  • If a user is deleted in Cognito, they will also be deleted from Thunai during the next sync.

👉 How to Get These Details from AWS Cognito:

  1. Sign in to the AWS Management Console.
  2. Go to IAM > Users and create or select a user with programmatic access.
  3. Attach a policy that allows Cognito User Pool read access (e.g., AmazonCognitoReadOnly ).
  4. Download the Access Key ID and Secret Access Key.
  5. Go to Amazon Cognito > User Pools and copy your User Pool ID.
  6. Note your AWS Region (e.g., us-east-1 , ap-south-1 ).

Step 2: User Mapping

Map Cognito attributes to Thunai schema attributes.

Only mapped users will be synced into Thunai.

Example mapping:

  • email → email
  • given_name → firstName
  • family_name → lastName

Step 3: Policy

Define sync conditions (optional).

  • Example: Sync only users from specific groups or with certain attributes.
  • This ensures only the required users are synced into Thunai.

Step 4: Scheduler

Choose how you want to sync users:

  • One-time sync (manual).

    Periodic sync:

    • Every hour
    • Daily at a specific time

Step 5: Sync & Manage

After setup, users will be synced into Thunai Directory and shown with Onboarded status.

You can:

  • View the Job List.
  • Perform a Manual Sync anytime by clicking Sync.
  • Update the Directory Configuration when required.

Once users are synced into Thunai Directory, you can apply them in agent access restriction policies.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us