RFC for SAML Integration

[seanWLawrence]

Is your feature request related to a problem? Please describe. Yes, we have several clients that need SAML integration with their Amplify application and without the support, we had to create a custom solution.

Describe the solution you'd like An option in the auth plugin to allow you to set up SAML authentication just like you can with OIDC, username/password, etc.

Describe alternatives you've considered We created a custom solution that requires some manual work in the AWS console and hacky updates to the auto-generated CloudFormation templates that are cumbersome to work with.

With more time, we've considered creating a custom plugin under AWS labs that would allow this, though it seems like a better fit for the auth CLI if it's a common request or need.

Additional context My teammate @brianhubbell at ProServe would like to spec and build this out and just need some guidance on how you think we should approach this - plugin vs adding to auth - and the process for spec-ing the API before building it, etc.

[fossamagna]

I consider that auth has be modified CloudFormation template with PR #123 to support SAML idP, And shoud add feature for user interaction in order to input some parameters for SAML idP to amplify-cli.

[rohanliston]

Is there any update on this? I've got something "working" with amplify auth override, but I can't get the client config to stick due to this bug: https://github.com/aws-amplify/amplify-cli/issues/9885.

As a result, I've had to resort to manual overrides via the AWS console that get overwritten on every release.

[rohanliston]

@seanWLawrence I'd be interested to know some details about the workaround you came up with if possible!