Cognito - Auth0 SAML request


Hi, I'm using Auth0 as a SAML identity provider in conjunction with its Organization feature. I have multiple clients in Cognito and for each client I'd like to pass a different organization query parameter in the login URL. The login URL is in the SAML metadata. So I need to modify it before it's sent out to Auth0.

e.g.: <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://<Auth0-domain>/samlp/<Client_id>?organization=<organization_id>"/>

I'm wondering if it's possible to intercept the request before it goes to Auth0 through a Lambda trigger? Or perhaps any other methods?

Please advise, Thanks!

1 Answer
Accepted Answer

I don’t believe you will be able to intercept this with a Lambda call.

What you may be able to do is modify the IdP settings before exporting the metadata so that you can modify the URL when it’s imported into AWS. However, I have no idea if there is an exposed variable in Cognito you can even inject into the URL.

Could you have a different IdP per client?

Expert
answered 1 year ago
