In case you need straightforward authentication against Cognito User Pools, but don't want to use the OpenID Connect protocol, I would advise using the SAML 2.0 protocol, which is supported by both Cognito and Pega.
The starting point would be to create an Authentication Service of type “SAML 2.0” in Pega.
At this point in time I don't have a response from the AWS Cognito team on whether they can provide IDP (identity provider) metadata for the SAML 2.0 Auth service.
Suppose we want to invoke a Lambda function from Pega for authentication, and the Lambda function will in turn invoke AWS Cognito.
Can I know what authentication type I need to use if I go with a Lambda function?
In addition to the above, we want to do multi-factor authentication as well.
I went through the URL below and found it of no use: when we write a custom activity to invoke pxSendOTP with the value of OTPInputs.pyUseExternal set to true, where should I reference this new custom activity? The same goes for pxVerifyOTP.
I am not sure where I can reference this wrapper activity which invokes pxSendOTP, since it is called from engine code.
Can we go ahead with customizing (Save As) the Platform Authentication (Auth Service) rule, with the authentication service type set to Basic Credentials, so that I can call an external system and get authenticated using a D_page?