Cognito SAML with multiple external IdPs
A customer is trying to host a third-party application and allow external customers (businesses) access to it. They need to have SAML integration with each of the businesses that purchase access to this tool. The end goal is that the business buys access, integrates with the tool via SAML, and then there are no extra IDs to manage.
I think this is just configuring a provider in IAM for each of these businesses, and then adding them to a Cognito Identity Pool, but I haven't found an example to confirm.
Asking for confirmation of approach, examples if possible, and a description of how it will pick the correct provider given multiple user bases (email address?).
Thanks!
You can use Amazon Cognito User Pools federation by adding a sign-in through a SAML IdP (among others). Just to note that this is different from the Amazon Cognito Identity Pools (Federated Identities) flow. The blog post "Building ADFS Federation for your Web App using Amazon Cognito User Pools" provides an end-to-end walkthrough.
As for the SAML IdP identifier used to automatically redirect the user to the relevant IdP, and UI customization, see "Choosing SAML Identity Provider Names" in the documentation.
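The identifier-based redirect mentioned in the answer, as an added example that is not part of the original post: it maps a user's email domain to a tenant's IdP identifier and builds the hosted UI authorize URL with the `idp_identifier` parameter, plus `state` and PKCE values to hold in the session. The Cognito domain, client ID, redirect URI and tenant domains are constructed placeholders, and it assumes each business's SAML provider was registered in the user pool with its email domain as an identifier.

```python
import base64
import hashlib
import secrets
from urllib.parse import urlencode

# Constructed sample values (assumptions, not from the original post).
COGNITO_DOMAIN = "https://example-app.auth.us-east-1.amazoncognito.com"
CLIENT_ID = "EXAMPLE_APP_CLIENT_ID"
REDIRECT_URI = "https://app.example.com/callback"

# Email domain -> identifier registered on that tenant's SAML IdP in the user pool.
TENANT_IDP_IDENTIFIERS = {
    "acme.example": "acme.example",
    "globex.example": "globex.example",
}


def idp_identifier_for(email):
    """Return the IdP identifier for an email's domain, or None if unknown."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or not domain:
        return None  # not usable for routing
    return TENANT_IDP_IDENTIFIERS.get(domain.lower().rstrip("."))


def build_authorize_request(email):
    """Build the authorize URL plus the state and PKCE verifier to keep in the
    user's session. Unknown domains get no idp_identifier, so Cognito shows its
    normal sign-in page instead of redirecting to an IdP."""
    state = secrets.token_urlsafe(32)      # checked on the callback (CSRF)
    verifier = secrets.token_urlsafe(64)   # sent later with the token request
    challenge = base64.urlsafe_b64encode(
        hashlib.sha256(verifier.encode("ascii")).digest()
    ).rstrip(b"=").decode("ascii")
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "openid email",
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    idp = idp_identifier_for(email)
    if idp is not None:
        params["idp_identifier"] = idp
    return f"{COGNITO_DOMAIN}/oauth2/authorize?{urlencode(params)}", state, verifier
```

The typed email only selects which IdP the browser is sent to; the user's identity comes from the signed SAML assertion that IdP returns, so tenant authorization should be based on the claims in the resulting tokens rather than on the address entered here.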