Determining the identity provider for SAML IdPs using a query parameter

0

I have a user pool with multiple SAML IdPs set up. I don't want my SSO customers to have to choose which IdP to use, as this would expose our customer list. I understand I can route the users to the appropriate IdP using an Identifier (email domain), but I would prefer to route this automatically based on sending a query parameter to the login page. The AWS documentation suggests this should be possible:

https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-saml-idp-authentication.html
"Alternatively, if your app gathered information before directing the user to your user pool, it can provide that information to Amazon Cognito through a query parameter."

but the documentation doesn't specify what this query parameter is called. I have tried a number of options, like 'provider' or 'IdPprovider', but none seem to work. Does this feature work? If so, what is the name of the query parameter I should use?

Asked 3 years ago · Viewed 484 times
2 Answers
0

You can pass it on the Authorize endpoint (https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html) using either identity_provider or idp_identifier parameters.

Answered 3 years ago
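
The redirect the answer above describes, as an added example that is not part of the original thread: the app resolves a tenant hint to an IdP server-side and sends the user to the Authorize endpoint with identity_provider (or idp_identifier), so the IdP list is never shown to the browser. The domain, client ID, redirect URI, tenant map and function names are assumed placeholders.

```python
import base64
import hashlib
import secrets
from urllib.parse import urlencode

# Assumed placeholder values, not taken from the thread.
COGNITO_DOMAIN = "https://example-pool.auth.us-east-1.amazoncognito.com"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example.com/callback"

# Constructed server-side map: tenant hint -> IdP name configured in the user pool.
TENANT_TO_IDP = {"acme": "AcmeSAML", "globex": "GlobexSAML"}


def build_authorize_url(*, identity_provider=None, idp_identifier=None):
    """Build an Authorize-endpoint URL that skips the IdP chooser.

    Exactly one of identity_provider (IdP name) or idp_identifier
    (an identifier such as an email domain) must be supplied.
    """
    if (identity_provider is None) == (idp_identifier is None):
        raise ValueError("pass exactly one of identity_provider / idp_identifier")
    state = secrets.token_urlsafe(24)        # CSRF token; verify it on the callback
    verifier = secrets.token_urlsafe(48)     # PKCE code_verifier; keep server-side
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "openid email",
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    if identity_provider is not None:
        params["identity_provider"] = identity_provider
    else:
        params["idp_identifier"] = idp_identifier
    url = f"{COGNITO_DOMAIN}/oauth2/authorize?{urlencode(params)}"
    return {"url": url, "state": state, "code_verifier": verifier}


def login_url_for_tenant(tenant_hint):
    """Map an untrusted tenant hint to an IdP; unknown hints all get None."""
    idp_name = TENANT_TO_IDP.get(tenant_hint.strip().lower())
    if idp_name is None:
        return None  # caller shows one generic response, so IdP names do not leak
    return build_authorize_url(identity_provider=idp_name)
```

Store state and code_verifier in the user's session before redirecting, and compare state when the callback arrives.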
0

Thanks @cfbarbero1. This was the solution I was looking for.

Answered 3 years ago
