1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
1
There is not way as such in SAML to “sync” groups.
What you have to do is in the attributes returned for the user is to include group membership. It then depends if cognito will then create these groups.
I don’t have an indent centre to test with but it’s usually how SAML works.
Conteúdo relevante
- AWS OFICIALAtualizada há 7 meses
- AWS OFICIALAtualizada há 3 anos
- AWS OFICIALAtualizada há 2 anos
I thought the same thing, but Cognito doesn't seem to have such an option to map the external groups. Also, in the Identity Center docs there are no
roles
attributes mentioned https://docs.aws.amazon.com/singlesignon/latest/userguide/attributemappingsconcept.html so I'm scratching my head how this should be done. Do you have any links to docs that might be helpful?