AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約
AWS re:Postre:Post

Amazon Cognito | Verify format of SAMLRequest sent to IDP

0

We are integrating with a partner who uses Amazon Cognito and we are the IDP. They have loaded our IDP metadata file and when I send a request to their authorization endpoint to initiate the SAML session, we receive a request containing SAMLRequest and RelayState values.

Amazon Cognito documentation does not state how the SAMLRequest and RelayState are generated/formatted.

Are these values encrypted and then Base64 encoded? Are there any samples or examples available of what an unencrypted SAMLRequest contains?

トピック
セキュリティ、アイデンティティ、コンプライアンス
タグ
Amazon Cognito
言語
English
rePost-User-3169185
質問済み 1年前343ビュー
1回答
0

Hi,

Cognito SAML Request are following SAML 2.0 standard are are not encrypted only signed.

You can find more information in https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-saml-idp.html

Cognito SAML Metadata can be constructed based on https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-integrating-3rd-party-saml-providers.html

Jeff

AWS
Jeff Lombardo-AWS
回答済み 1年前
  • rePost-User-3169185
    1年前

    Thank you, Jeff. Where can we configure signing of the SAMLRequest? We were able to decode and decompress the SAMLRequest, however there is no signature element included with the AuthNRequest XML received from Cognito.

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ