Warning

This is not a replacement for the actual documentation and you cannot cut and paste your way to a working system. The examples are not usable without taking into consideration your local needs and requirements.

...

The SAML-related documentation is mostly under https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html but testing this really requires a bit of work with their OAuth support to at least mock up test cases.

Note that unlike AWS-proper, each Cognito User Pool is its own SP and is handled distinctly.

Identity Provider Metadata

...

They do not provide any SP metadata; it has to be pieced together manually from their documentation, which is somewhat scattered across different pages, and you have to know what you're looking for.
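A hand-assembled metadata file for one user pool might look like the following. This is an added example, not taken from the original page or from AWS: the entityID reuses the placeholder pool ID that appears elsewhere on this page, DOMAIN-PREFIX and the region are placeholders for your own user pool domain, and the endpoint paths are the ones described in the Cognito developer guide, so verify them against the current documentation before relying on them.

```xml
<!-- Added example: SP metadata for a single Cognito user pool.
     Placeholders (assumptions): pool ID "us-east-2_poolid", DOMAIN-PREFIX, region us-east-2.
     Each user pool is its own SP, so each pool needs its own EntityDescriptor. -->
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  entityID="urn:amazon:cognito:sp:us-east-2_poolid">

  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">

    <!-- No KeyDescriptor is published: without an encryption key in the
         metadata the IdP has nothing to encrypt assertions to for this SP. -->

    <!-- Single logout endpoint on the user pool domain. -->
    <SingleLogoutService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://DOMAIN-PREFIX.auth.us-east-2.amazoncognito.com/saml2/logout"/>

    <!-- Assertion consumer endpoint; the IdP will only post responses
         to a Location listed here, so a typo shows up as a failed login. -->
    <AssertionConsumerService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://DOMAIN-PREFIX.auth.us-east-2.amazoncognito.com/saml2/idpresponse"
        index="1"/>

  </SPSSODescriptor>
</EntityDescriptor>
```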

...

Example relying-party.xml override
	<!-- Container for any overrides you want to add. -->

	<util:list id="shibboleth.RelyingPartyOverrides">

		<!-- other overrides... -->

		<bean p:id="example.SignAssertionsOnlyDisableEncryption" parent="RelyingPartyByName">
			<constructor-arg name="relyingPartyIds">
				<list>
					<value>urn:amazon:cognito:sp:us-east-2_poolid</value>
				</list>
			</constructor-arg>
			<property name="profileConfigurations">
				<list>
					<bean parent="SAML2.SSO" p:encryptAssertions="false" />
					<bean parent="SAML2.Logout" />
				</list>
			</property>
		</bean>

	</util:list>

...