I’m currently working on a project where I need to integrate an AWS Cognito User Pool with an AWS Managed Microsoft Active Directory (AD). The goal is to allow users authenticated via the Managed Microsoft AD to access applications that use Cognito for authentication and authorization.

I’ve done some research but haven’t found clear guidelines or best practices on how to achieve this integration. Specifically, I have the following questions:

Is it possible to directly integrate AWS Cognito User Pools with AWS Managed Microsoft AD? If yes, what are the necessary steps or configurations required to set up this integration?

If direct integration is not possible, what are the alternative approaches to achieve seamless authentication between Cognito and Managed Microsoft AD? For example, should I use a custom SAML federation, or is there another recommended method?

Are there any potential limitations, pitfalls, or considerations that I should be aware of when integrating these two services?

Any guidance, best practices, or references to documentation would be greatly appreciated. Thank you!