1 Risposta
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
1
There is not way as such in SAML to “sync” groups.
What you have to do is in the attributes returned for the user is to include group membership. It then depends if cognito will then create these groups.
I don’t have an indent centre to test with but it’s usually how SAML works.
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata un anno fa
I thought the same thing, but Cognito doesn't seem to have such an option to map the external groups. Also, in the Identity Center docs there are no
roles
attributes mentioned https://docs.aws.amazon.com/singlesignon/latest/userguide/attributemappingsconcept.html so I'm scratching my head how this should be done. Do you have any links to docs that might be helpful?