Cognito does not pass 'login_hint' to Federated SAML Identity Provider

1

On my initial request to https://(my domain).auth.(region).amazoncognito.com/oauth2/authorize I can see that the login_hint parameter is present on the query string. That value is unfortunately not present on the redirect to the SAML2 endpoint.

The result of this is that users must enter their e-mail address first on our site, and then a second time at their identity provider.

How do I specify this value on the /authorize request in such a way that it will be passed through?

  • I have a similar situation and am facing the same issue. Did you find any solution?

asked 2 years ago · 621 views
1 answer
0

You can add it directly in your SAML metadata, e.g.

<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<domain>/saml2?login_hint=<login_hint>"/>

answered a year ago
  • That won't work because the parameter needs to be passed through from the /authorize request to the SAML request. Do you have any other option?
