Cognito - Auth0 SAML request

Hi, I'm using Auth0 as SAML identity provider in conjunction with its Organization feature. I have multiple clients in Cognito and for each client I'd like to pass a different organization query parameter in the login URL. The login URL is in the SAML metadata. So I need to modify it before it's sent out to Auth0.

eg: <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<Auth0-domain>/samlp/<Client_id>?organization=<organization_id>"/>

I'm wondering if it's possible to intercept the request before it goes to Auth0 through a lambda trigger? Or perhaps any other methods?

Please advise, Thanks!

주제

서버리스 컴퓨팅 보안, 신원 및 규정 준수

태그

AWS Lambda 아마존 Cognito 아마존 코그니토 페더레이션 자격 증명

언어

English

rePost-User-5939308

질문됨 일 년 전328회 조회

1개 답변

최신
최다 투표
가장 많은 댓글

이 답변이 도움이 되었나요?커뮤니티가 여러분의 지식을 활용할 수 있도록 정답을 찬성하세요.

수락된 답변

I don’t believe you will be able to intercept this with a lambda call.

What you may be able to do is modify the Idp settings before exporting the metadata so that you can modify the URL when it’s imported into aws. However, I have not idea I’d there is an exposed variable in cognito you can even inject into the url.

Could you have a different idp per client?

전문가

Gary Mclean

답변함 일 년 전

Cognito - Auth0 SAML request

관련 콘텐츠