Skip to main content
  1. Chyron
  2. AXIS
  3. Guides
  4. SSO Cognito Implementation

02: First Login for Migrated Users and New User Creation

Due to AWS Cognito integration, user management now involves two distinct processes: migration of existing Axis users into Cognito, and the creation of new users post-integration. These processes ensure that all users benefit from the enhanced security and streamlined management provided by Cognito.

2.1. Existing Users

  • On first login, the user enters their email and any password (no valid password exists yet).

  • Axis detects that the account requires setup and prompts the user to reset their password. The user must enter their email address again.

  • After clicking on ‘Reset my password’ button:
    • Axis displays a "Password Reset Sent" confirmation screen.

  • The password reset email contains a RESET PASSWORD button.
  • The user clicks RESET PASSWORD, which opens the password reset page in Axis.
  • The user sets a new password following Cognito’s security requirements
  • After successfully setting a new password:
    • A confirmation email is sent from no-reply-axis@chyron.com confirming that the password was successfully updated and that the user can now log in.

  • The user is authenticated by Cognito and logged in to Axis.

2.2. New User Creation After Integration

  • Creating new users:
    • Admins create users directly in Axis without setting passwords.
    • Axis automatically generates a secure temporary password (GUID-based) upon user creation.
  • Welcome email: 
    • Newly created users receive a welcome email including:
      • A confirmation that the account has been activated and the user can now log in.
      • The registered email address for the account.
      • An auto-generated permanent password created by the system.
      • A LOGIN button linking directly to the Axis login page.

  • First login for new users:
    • Users log in with the credentials received via the welcome email. They can either click the LOGIN button in the email or access the standard Axis login page directly.
    • Users at the first login are not prompted to change their password, because auto-generated password is not a temporary password and will not expire.
    • If the users want to change auto-generated password, they have to follow and complete Axis “Forgot my password” flow
    • Users can change the password any time via the Axis “Forgot Password” flow (even before first login if desired).

Summary of expected behavior:

  • Passwords are never manually managed by admins.
  • Axis powered by AWS Cognito securely handles password creation and resets.
  • Existing users smoothly transition via mandatory password resets.
  • New users immediately integrated into Cognito, improving overall security and user experience.
Español