New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS CLI V2 AWS SSO Manual Prompt #5533
Comments
We need this. The latest version of chrome just broke the automated login and the only way to get around this issue is to change your default browser to something else. It's a pain. |
Thanks, marking as feature request. |
Another option would be to simply not send the the authorization code with the request. |
Is your feature request related to a problem? Please describe.
When performing "aws sso login --profile someprofile" and then login to the environment, AWS SSO automatically launches the browser as expected in the documentation.
One problem that we are seeing is when using the integration with Azure Active Directory. It will try to automatically login using an AAD user id that might already be logged in.
In our enterprise we have multiple user accounts, one of them being an administrative account separate from a regular user account. We often use different sessions / browsers that are authenticated at the time. The default browser is more often than not, the regular account and not the required administrative account.
Since it tries to auto-login and fails you cannot copy and paste the URL in a different browser with the same token.
Describe the solution you'd like
A switch that can be passed to prevent the automatic opening of the browser. Alternatively the passing of credentials to the IDP could include the force selection of which profile to login. I believe the easiest and most attainable interim solution is an additional switch that does not automatically launch the browser but would require the user to copy / paste to selected destination.
aws sso login --no-prompt
or
aws sso login --no-browser
Describe alternatives you've considered
The current work around is to login to the default browser with our administrative account. This is not always desirable.
The text was updated successfully, but these errors were encountered: