1 Respuesta
- Más nuevo
- Más votos
- Más comentarios
1
There is not way as such in SAML to “sync” groups.
What you have to do is in the attributes returned for the user is to include group membership. It then depends if cognito will then create these groups.
I don’t have an indent centre to test with but it’s usually how SAML works.
Contenido relevante
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 6 meses
- OFICIAL DE AWSActualizada hace 3 años
I thought the same thing, but Cognito doesn't seem to have such an option to map the external groups. Also, in the Identity Center docs there are no
roles
attributes mentioned https://docs.aws.amazon.com/singlesignon/latest/userguide/attributemappingsconcept.html so I'm scratching my head how this should be done. Do you have any links to docs that might be helpful?