ks888 / LambStatus

[Maintenance mode] Serverless Status Page System
https://lambstatus.github.io
Apache License 2.0

Support Cognito User Pool with SAML IdP #156

Closed jeffmarcinko closed 5 years ago

jeffmarcinko commented 5 years ago

Cognito user pools natively support integration with SAML IdPs for authentication. I am trying to enable SAML to federate with an existing user directory. Has anyone gotten this to work?

I've configured the user pool settings per AWS documentation and I can confirm that I am getting a SAML response from my IdP. I'm also getting a valid access token issued by Cognito. I confirmed this by using the aws cognito-idp get-user --access-token <---> command and I can see my user attributes.

The problem I'm having is that when I get redirected to the callback URL, I always get prompted by LambStatus with the Sign In. The callback URL is simply set to the URL of the admin page. If I enter credentials at the sign-in prompt it works, but this nullifies the point of the federated login.