Amazon Cognito | Verify format of SAMLRequest sent to IDP

0

We are integrating with a partner who uses Amazon Cognito and we are the IDP. They have loaded our IDP metadata file and when I send a request to their authorization endpoint to initiate the SAML session, we receive a request containing SAMLRequest and RelayState values.

Amazon Cognito documentation does not state how the SAMLRequest and RelayState are generated/formatted.

Are these values encrypted and then Base64 encoded? Are there any samples or examples available of what an unencrypted SAMLRequest contains?

Asked 1 year ago · 343 views
1 Answer
0

Hi,

Cognito SAML requests follow the SAML 2.0 standard and are not encrypted, only signed.

You can find more information in https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-saml-idp.html

Cognito SAML Metadata can be constructed based on https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-integrating-3rd-party-saml-providers.html

Jeff

AWS
Answered 1 year ago
  • Thank you, Jeff. Where can we configure signing of the SAMLRequest? We were able to decode and decompress the SAMLRequest; however, there is no signature element included with the AuthNRequest XML received from Cognito.
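
The decode-and-decompress step discussed in this thread, as an added example (not from the original posts and not AWS code), assuming the SAML 2.0 HTTP-Redirect binding: the value is URL-decoded, Base64-decoded, then inflated as raw DEFLATE. In that binding the SAML 2.0 specification carries any signature in the `SigAlg` and `Signature` query parameters rather than as a `ds:Signature` element inside the XML, so the sketch reports both places. The function names, size cap and sample request are constructed for illustration.

```python
import base64
import urllib.parse
import xml.etree.ElementTree as ET
import zlib

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
MAX_XML = 64 * 1024  # assumed cap on inflated size, guards against deflate bombs


def inspect_redirect_request(query: str) -> dict:
    """Decode SAMLRequest from an HTTP-Redirect query string; report where it is signed."""
    params = urllib.parse.parse_qs(query, strict_parsing=True)
    raw = base64.b64decode(params["SAMLRequest"][0], validate=True)
    inflater = zlib.decompressobj(-15)  # raw DEFLATE stream, no zlib header
    xml = inflater.decompress(raw, MAX_XML)
    if inflater.unconsumed_tail:
        raise ValueError("inflated SAMLRequest exceeds size cap")
    if b"<!DOCTYPE" in xml or b"<!ENTITY" in xml:
        raise ValueError("DTDs are not expected in SAML messages")
    root = ET.fromstring(xml)
    if root.tag != "{%s}AuthnRequest" % NS["samlp"]:
        raise ValueError("not an AuthnRequest")
    return {
        "id": root.get("ID"),
        "issuer": root.findtext("saml:Issuer", namespaces=NS),
        "acs_url": root.get("AssertionConsumerServiceURL"),
        "relay_state": params.get("RelayState", [None])[0],
        "enveloped_signature": root.find("ds:Signature", NS) is not None,
        "query_signature": "SigAlg" in params and "Signature" in params,
    }


def build_sample_query() -> str:
    """Constructed sample: hypothetical ID, issuer and URLs, unsigned."""
    xml = (b'<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           b'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_example123" '
           b'Version="2.0" IssueInstant="2024-01-01T00:00:00Z" '
           b'AssertionConsumerServiceURL="https://sp.example.com/saml2/idpresponse">'
           b'<saml:Issuer>urn:example:sp</saml:Issuer></samlp:AuthnRequest>')
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml) + comp.flush()
    return urllib.parse.urlencode({"SAMLRequest": base64.b64encode(deflated).decode(),
                                   "RelayState": "opaque-state-value"})


if __name__ == "__main__":
    print(inspect_redirect_request(build_sample_query()))
```

Pass the query string exactly as received at the IdP's SSO endpoint; `enveloped_signature` and `query_signature` both being false means the request arrived unsigned.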
