Proxy between IdP and Cognito

Cantor, Scott cantor.2 at
Thu Apr 2 08:44:00 EDT 2020

On 4/1/20, 6:17 PM, "users on behalf of bh3 at" <users-bounces at on behalf of bh3 at> wrote:

> We have a requirement from a customer to use a public CA certificate which AWS Cognito SAML integration does not
> currently support.

I am not aware of any such restriction, though I've never tried it.

> Is this possible with Shibboleth or does it make sense to use something else?
> if so can someone provide as much info as possible since Shibboleth is completely new to me?

What does "as much info as possible" mean? The documentation *is* the info. I spent hundreds of hours writing it. Do you think an email is going to allow you to do the entire project with no learning curve?

If you know Java and Spring, using Shibboleth V4 with the SAML proxying support may be a path. If you know PHP, use SImpleSAML.php. If you know Python, use SATOSA. Etc.

-- Scott

More information about the users mailing list