Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Cognito - Auth0 SAML request

0

Hi, I'm using Auth0 as SAML identity provider in conjunction with its Organization feature. I have multiple clients in Cognito and for each client I'd like to pass a different organization query parameter in the login URL. The login URL is in the SAML metadata. So I need to modify it before it's sent out to Auth0.

eg: <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<Auth0-domain>/samlp/<Client_id>?organization=<organization_id>"/>

I'm wondering if it's possible to intercept the request before it goes to Auth0 through a lambda trigger? Or perhaps any other methods?

Please advise, Thanks!

Temas
Sin servidorCálculoSeguridad, identidad y cumplimiento
Etiquetas
AWS LambdaAmazon CognitoIdentidades federadas de Amazon Cognito
Idioma
English
rePost-User-5939308
preguntada hace un año328 visualizaciones
1 Respuesta
0
Respuesta aceptada

I don’t believe you will be able to intercept this with a lambda call.

What you may be able to do is modify the Idp settings before exporting the metadata so that you can modify the URL when it’s imported into aws. However, I have not idea I’d there is an exposed variable in cognito you can even inject into the url.

Could you have a different idp per client?

profile picture
EXPERTO
Gary Mclean
respondido hace un año

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante