Skip to main content
This is a custom warning

Does the component apply visual style — color, typography, icons, space, borders, and more — using appropriate variable tokens?

Tovuti Remains Operational during the Global Service Degradation

[6-12-2025 1:45 PM MT] We have noticed multiple services across the internet are degraded worldwide impacted by a Google Cloud Service Disruption. We want to ensure we are monitoring and Tovuti remains up and operational at this time. There are services that may be impactful to your sites, such as YouTube and Vimeo, among others. The MOYO button in the bottom right corner of the admin panel is also affected by this disruption.

Please check back here for updates.

Email support@tovutiteam.com if you have any questions.

Unlock the power of AI-generated content creation with Dizi

Dizi is an AI-powered LMS content creation assistant that creates quizzes and lessons in seconds and entire professional-looking courses in just minutes. Turn weeks of research, planning, and lesson-building into a click of a button.
Reminder! Tovuti Weekly Maintenance Window!

Tovuti's scheduled weekly maintenance window is every Saturday between 8:00 AM and 12:00 PM, US Mountain Time.

There may be downtime during this period.

Configure AWS Cognito as the Single Sign-On Provider

  • Updated

Tovuti support several single sign-on providers. This article outlines the steps to set up AWS Cognito and covers the following concepts:

 

Set AWS as SSO Provider in Tovuti

Go to Configuration > click Single Sign-On > click New

configuration_sso_aws_01.png

 

Enter the Details tab, give this provider a Title. It is suggested that the title contains a reference to AWS for easy selection in the future.

Toggle OAuth2 in SSO Type > Select ADFS in “OAuth2 Application.”

configuration_sso_aws_02.png

 

Configure AWS Cognito as Identity Provider (IDP)

Log into AWS Admin Console > go to Cognito > select Manage User Pools

Click on "Create a User Pool." Give this user pool a Name.

Click "Add App Client" and give this app client a name. Click "Create app client."

Click "Return to pool details."

Click "Create Pool" > go to App Integration > click App client settings > select "Enabled Identity Providers" > select "Cognito User Pool."

Copy the Callback URL from the "Service Provider Settings" tab in Tovui and paste it into the Callback URL field.

configuration_sso_aws_03.png

Click Save changes.

 

Create a Domain Name in AWS

Go to App Integration > click Domain name. Enter a Domain name. 

 

For more information directly from AWS Cognito on this process, see the following documentation.

Additionally, view documentation for adding a domain name.

 

Finish Configuring Tovuti as a Service Provider (SP)

Go to General Settings > click App Clients > click Show Details

Copy and paste the following 3 items from this window into the Identity Provider Settings tab in Tovuti.

  • App Name
  • App Client ID
  • App Client Secret

Copy the Domain name and paste it into the AWS Cognito App Domain Field.

Click Update.

configuration_sso_aws_04.png

 

User Profile Field and Attribute Mapping

After configuring all the settings in AWS> click the "User Profile Field Mapping" tab in Tovuti

Enable the desired settings and provide the attributes found in AWS. Create profile fields by clicking the "+" icon.

Configuring the settings in this tab syncs the profile field and attribute information between Tovuti and AWS. The details of the User Profile Field Mapping tab are covered in this Help Center article.

While auto-registering the users on the Tovuti site, these attributes automatically map to Tovuti user details.

configuration_sso_aws_05.png

 

User Group Mapping

Click the User Group Mapping tab.

Enable the desired settings and provide the attributes found in AWS. Create profile fields by clicking the "+" icon.

Configuring the settings in this tab syncs group information between Tovuti and AWS. The details of the User Group Mapping tab are covered in this Help Center article.

While auto-registering, the users are assigned roles based on the group they are mapped to.

configuration_sso_aws_06.png

 

At any time, the configuration can be tested in the Identity Provider Settings tab.

It is recommended to run multiple tests over time to ensure everything is working properly.

configuration_sso_aws_07.png

 

Enable Login Link

Go to Details Tab > toggle Yes on Add Login Link to Navigation > select the menu where this link will appear and give the link a name

configuration_sso_aws_08.png

Click Save.

 

Use Cases

The following are possible general use cases for utilizing this feature:

 

Streamlining access for enterprise users with centralized identity management

An organization using AWS Cognito for workforce authentication wants to integrate Tovuti so employees can log in using existing credentials without maintaining separate accounts.

This feature is useful because:

  • Tovuti acts as the service provider while Cognito manages user authentication

  • Single sign-on reduces password fatigue and improves login security

  • Users are auto-registered in Tovuti with profile fields mapped from Cognito attributes

Example Use Case
An enterprise deploys Tovuti across departments for internal training. Employees sign in using their corporate AWS Cognito credentials. Their name, department, and email are auto-filled via field mapping, and their account is created instantly on first login.

 

Automating user group assignments based on Cognito attributes

A learning admin wants to ensure that users are placed in the correct User Groups upon login — such as Sales, HR, or Leadership — without manually assigning them in the LMS.

This feature is useful because:

  • Group mapping uses AWS attributes to dynamically assign Tovuti User Groups

  • Enables targeted access to specific courses or content paths

  • Reduces the administrative overhead of managing group membership

Example Use Case
A Cognito attribute “department” is used to assign new users to matching Tovuti groups (e.g., “Sales Training” or “HR Compliance”). As new hires log in, they’re instantly routed to the content that matches their role without manual LMS setup.

 

Enabling seamless and secure login from the learner portal

A program coordinator wants to add a visible login option in the learner portal menu so users know exactly how to access the LMS using their organization’s credentials.

This feature is useful because:

  • Login links can be added to specific navigation menus in the LMS

  • Custom naming (e.g., “Login with AWS”) helps with clarity and branding

  • Supports a polished learner experience for new or recurring users

Example Use Case
After completing the SSO setup, the admin adds a “Login with AWS” link to the main learner menu. New users landing on the LMS homepage see the option clearly, click it, and are authenticated through Cognito — minimizing confusion and support requests.

Related articles