By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

View SAML assertions passed to Cognito

1

My company uses Cognito to manage users for our website.

I would like to debug problems users have signing in with SAML.

Is there a way to see logs on SAML assertions that are passed from our user's IdP to Cognito?

I'm hoping there's a place where I can see the content of every SAML assertion that Cognito receives. So far I have not found anything like this.

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
rePost-User-0384052
asked a year ago605 views
1 Answer
1

I would recommend using the SAML tracer chrome extension(It's like fiddler for SAML). Please see the following URL. If you are unable to use the extension or it does not meet your needs then please use AWS CloudTrail logs.

https://chrome.google.com/webstore/detail/saml-tracer/mpdajninpobndbfcldcmbpnnbhibjmch?hl=en

AWS
Gaurav
answered a year ago
  • Julio Lemes
    2 months ago

    Sometimes we don't have access to the user's machine and it can't be tested on our side ( clients that use VPN for example ). Having a way to get logs on what the SAML request and response sent would be beneficial in my opinion.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content