[External] ShibV4-LdapCognito Issue

[Domingues, Em]

Based on your message, you've configured AWS to redirect to Google to start the SSO flow instead of your IdP. There's your problem. You'll need to point AWS Cognito at your Identity Provider in order to actually test it.

It's been a while since I configured our Cognito integration, but for any given SP, you typically either can upload your Identity Provider's metadata, or manually have to specify one of your SingleSignOnService endpoints to use, along with the other particulars of your environment.

Em
________________________________
From: users <users-bounces at shibboleth.net> on behalf of leosimon <leosimon at digital-nirvana.com>
Sent: Friday, April 24, 2020 11:05 AM
To: users at shibboleth.net <users at shibboleth.net>
Subject: [External] ShibV4-LdapCognito Issue

I have configured Shibboleth V4 with LDAP Auth for SP AWS Cognito. For
testing, call back urls are given as https://google.com. I can see from
idp-process.log and confirm that service running fine and metadata pulled
from remote but when I visit the SP URL and click on login, it just returns
with the URL as and no logs captured in the server.

https://www.google.com/?error=server_error

At the same time, I can get the results from cli using this,

bin/aacli.sh --url https://idp.example.com/idp --requester
urn:amazon:cognito:sp:exmapleURNofSP --principal leosimon
--changed the url as example.

I am completely blank and unable to proceed further, Can someone help me
where the error would me and what I might missed?



--
Sent from: https://shibboleth.1660669.n2.nabble.com/Shibboleth-Users-f1660767.html
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200424/f86e72a9/attachment.html>