Application Load Balancer now supports authentication of user requests when accessing web-based applications through social Identity Providers such as Facebook, Google, and Amazon or enterprise Identity Providers such as ActiveDirectory and PingFederate. With this, developers can now focus on building applications for their customers by offloading the responsibility of authentication to the Application Load Balancer, while benefiting from its scale, availability, and reliability.
As enterprises are enabling their employees to access cloud-based apps from any location, identity-based security has become even more crucial. With authentication available on Application Load Balancer and integrated with Amazon Cognito, users can now be authenticated through any identity provider that supports OpenID Connect protocol or SAML2.0 or social identity providers such as Facebook, Google, and Amazon. If you already have a custom identity provider solution that is OpenID Connect-compatible, Application Load Balancer can also authenticate users by directly connecting with that Identity Provider. To learn more about the feature, please try the Elastic Load Balancing demo.
Support for user authentication in Application Load Balancer with Cognito-supported Identity Providers is available in all AWS regions that are supported by Amazon Cognito. Support for user authentication by directly integrating your OpenID Connect Identity Provider with Application Load Balancer is available in all AWS regions globally except in the China regions (Beijing and Ningxia). To learn more, please visit the Elastic Load Balancing documentation page.