Cognito - Auth0 SAML request

0

Hi, I'm using Auth0 as SAML identity provider in conjunction with its Organization feature. I have multiple clients in Cognito and for each client I'd like to pass a different organization query parameter in the login URL. The login URL is in the SAML metadata. So I need to modify it before it's sent out to Auth0.

eg: <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<Auth0-domain>/samlp/<Client_id>?organization=<organization_id>"/>

I'm wondering if it's possible to intercept the request before it goes to Auth0 through a lambda trigger? Or perhaps any other methods?

Please advise, Thanks!

1 Answer
0
Accepted Answer

I don’t believe you will be able to intercept this with a lambda call.

What you may be able to do is modify the Idp settings before exporting the metadata so that you can modify the URL when it’s imported into aws. However, I have not idea I’d there is an exposed variable in cognito you can even inject into the url.

Could you have a different idp per client?

profile picture
EXPERT
answered a year ago
profile picture
EXPERT
reviewed 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions