I have existing user pool , i want to intergrated SAML based login. while login should not create a new user in user pool instead map to existing user on email id
Hi there! Our community of experts over at re:Post may be able to provide additional guidance on this one. Feel welcome to share more info with them about your use case, here: go.aws/aws-repost. ^KS
Hi. 👋 Resources used in this video can be found at timestamp 5:45. 📼 If you'd like, you can learn more about this topic, by following this link: go.aws/3WHVOsG. 🔖 ^SA
@@awssupport Thanks for the reply. I was asking the Express JS application used as client app at time stamp 10:16 ua-cam.com/video/1vYUt2u2EB0/v-deo.html
What happens when you want to sign out and force the user to re-input their login credentials on the idp side, I've configured this and it seems that when logging out the SSO session is still cached some how and the expiration of the SSO app session and cognito JWT tokens are mismatched.
Apologies for the trouble! This doc might point you in the right direction for help: go.aws/3PaxRpp. You can also ask our community of experts this question on re:Post, for more technical insight and support: go.aws/aws-repost. ⬅️ ^AD
Hi there, this doc may be of use to you: go.aws/3SDVVlB. If you need additional assistance, you can also hop on our AWS re:Post: go.aws/aws-repost. re:Post is a place where you can view and possibly post to our AWS industry experts for help with your needs. 🧠 ^DC
Apologies for any inconvenience, Kelly. Unfortunately, AWS Cognito doesn't currently have multi-region support. We are always looking to improve our services & If you'd like, you can share this as feedback directly to our service teams using these options: go.aws/feedback. 💭 ^RN
Hi there, here is a blog that might help answer your question: go.aws/4eaoWiH. Additionally, another option to get this question answered is re:Post: go.aws/aws-repost. Our AWS industry experts hang out in that forum, and you can post and read posts from them. ^DC
Hi Janrey! SAML federation can be performed using browser only, there is no Cognito SDK or AWS JS SDK to support SAML federation using code. An end user is needed to interact. You just need to show a button in your app (with text "Login with SAML") which your end-users can click; and then the user will be redirected to Cognito hosted UI endpoint or SAML endpoint depending on whether customer using SP-initiated federation or IdP-initiated federation. For further discussion around this, please reach out on re:Post: go.aws/aws-repost. 😀 ^ES
It's a pleasure. 😀 While we don't have an example of the applied federation code available as yet, we've submitted your question for internal review. 🔎 ^ZP
Good news! Our team provided these GitHub resources. One will take you to a code repo and the other to test the authorization code for tokens: go.aws/464YJyt & go.aws/46aPlJA. 🔗 For further technical questions, we suggest reaching out to our free community of helpful engineers at re:Post: go.aws/aws-repost. ✍️ ^ZP
How to generate relay state url ? Is there any format ? Please share
This drove me nuts all afternoon, just figured it out...
@@brianji1068 finally
client_id=xxx&identity_provider=xx&scope=xxx&response_type=code&redirect_uri=redirecturl
@@brianji1068what was the solution?
@@brianji1068👀 please share
I have existing user pool , i want to intergrated SAML based login. while login should not create a new user in user pool instead map to existing user on email id
Hi there! Our community of experts over at re:Post may be able to provide additional guidance on this one. Feel welcome to share more info with them about your use case, here: go.aws/aws-repost. ^KS
Thanks for nice and easy demo video. Is it possible to share the Express JS client test app.
Hi. 👋 Resources used in this video can be found at timestamp 5:45. 📼 If you'd like, you can learn more about this topic, by following this link: go.aws/3WHVOsG. 🔖 ^SA
@@awssupport Thanks for the reply. I was asking the Express JS application used as client app at time stamp 10:16
ua-cam.com/video/1vYUt2u2EB0/v-deo.html
What happens when you want to sign out and force the user to re-input their login credentials on the idp side, I've configured this and it seems that when logging out the SSO session is still cached some how and the expiration of the SSO app session and cognito JWT tokens are mismatched.
Apologies for the trouble! This doc might point you in the right direction for help: go.aws/3PaxRpp. You can also ask our community of experts this question on re:Post, for more technical insight and support: go.aws/aws-repost. ⬅️ ^AD
I have existing user pool , i want to intergrated SAML based login. Do I need external Idps?
Hi there, this doc may be of use to you: go.aws/3SDVVlB. If you need additional assistance, you can also hop on our AWS re:Post: go.aws/aws-repost. re:Post is a place where you can view and possibly post to our AWS industry experts for help with your needs. 🧠 ^DC
Is it possible to backup user passwords to another region yet? This has been a major limitation of Cognito since it was first released.
Apologies for any inconvenience, Kelly. Unfortunately, AWS Cognito doesn't currently have multi-region support. We are always looking to improve our services & If you'd like, you can share this as feedback directly to our service teams using these options: go.aws/feedback. 💭 ^RN
Is it possible to use a PIV authentication in AWS Cognito without an IDP?
Hi there, here is a blog that might help answer your question: go.aws/4eaoWiH. Additionally, another option to get this question answered is re:Post: go.aws/aws-repost. Our AWS industry experts hang out in that forum, and you can post and read posts from them. ^DC
Awesome! is that possible to share us the Express JS syntax? Thank you!
Hi Janrey! SAML federation can be performed using browser only, there is no Cognito SDK or AWS JS SDK to support SAML federation using code. An end user is needed to interact. You just need to show a button in your app (with text "Login with SAML") which your end-users can click; and then the user will be redirected to Cognito hosted UI endpoint or SAML endpoint depending on whether customer using SP-initiated federation or IdP-initiated federation. For further discussion around this, please reach out on re:Post: go.aws/aws-repost. 😀 ^ES
@@awssupport Thank you for your response. Could you share an example implementation with the federation code applied?
It's a pleasure. 😀 While we don't have an example of the applied federation code available as yet, we've submitted your question for internal review. 🔎 ^ZP
@@awssupport Amazing! 😀 Please let me know if you already have 🙏
Good news! Our team provided these GitHub resources. One will take you to a code repo and the other to test the authorization code for tokens: go.aws/464YJyt & go.aws/46aPlJA. 🔗 For further technical questions, we suggest reaching out to our free community of helpful engineers at re:Post: go.aws/aws-repost. ✍️ ^ZP