Proxy between IdP and Cognito

bh3 at bh3 at
Wed Apr 1 18:17:16 EDT 2020

We have a requirement from a customer to use a public CA certificate, which AWS Cognito SAML integration does not currently support. I am looking to see what options there are for using some sort of proxy and if it is possible to use Shibboleth (with/without public CA cert) for this to have multiple IdP integrations into Cognito.

Essentially it would look like this:
Ping <-> Proxy(with public CA cert) <-> AWS Cognito
Duo <-> Proxy(without public CA cert) <-> AWS Cognito
Okta <-> Proxy(with/without public CA cert) <-> AWS Cognito

Is this possible with Shibboleth, or does it make sense to use something else? If so, can someone provide as much info as possible, since Shibboleth is completely new to me?

Thanks in advance.

