Proxy between IdP and Cognito

bh3 at bh3 at
Thu Apr 2 19:32:46 EDT 2020

Thanks for the response. What I meant by "as much info as possible" is related to my question "Is this possible with Shibboleth or does it make sense to use something else?".  I'm not sure what warranted the snarky response but nobody wants to spend "hundreds of hours" digging through documentation and possibly "hundreds or hours" more on configuring something that in the end will not provide a solution to a problem.

You provided some directional info that is helpful, thanks.


On Thu, Apr 2, 2020, at 5:44 AM, Cantor, Scott wrote:
> On 4/1/20, 6:17 PM, "users on behalf of bh3 at" 
> <users-bounces at on behalf of bh3 at> wrote:
> > We have a requirement from a customer to use a public CA certificate which AWS Cognito SAML integration does not
> > currently support.
> I am not aware of any such restriction, though I've never tried it.
> > Is this possible with Shibboleth or does it make sense to use something else?
> > if so can someone provide as much info as possible since Shibboleth is completely new to me?
> What does "as much info as possible" mean? The documentation *is* the 
> info. I spent hundreds of hours writing it. Do you think an email is 
> going to allow you to do the entire project with no learning curve?
> If you know Java and Spring, using Shibboleth V4 with the SAML proxying 
> support may be a path. If you know PHP, use SImpleSAML.php. If you know 
> Python, use SATOSA. Etc.
> -- Scott
> -- 
> For Consortium Member technical support, see 
> To unsubscribe from this list send an email to 
> users-unsubscribe at

More information about the users mailing list