using SAML in AWS Lambda
waldbiec at lafayette.edu
Thu Jun 10 23:05:43 UTC 2021
I've set up a Cognito user pool and configured our Shib IdP to authenticate
users to it. I don't know if it is practical/possible to accept
authentications from the dynamic set of IdPs in the InCommon Federation. I
know you can set up specific bilateral relationships between the user pool
and SAML IdPs, so if you have a reasonable number of IdPs you want to do
business with, it is probably an option. The first 50 active users a month
covered in the free tier. Each federated user beyond that is $0.015 USD, so
150 users would be $1.50.
On Thu, Jun 10, 2021 at 2:49 PM Phil Tracy <ptracy at northwestern.edu> wrote:
> I’m passing this along from a developer colleague. If any of you have
> related experience and are willing to share, he’d very much appreciate
> talking with you - I can put you in touch. Since most/all of his partner
> schools are part of InCommon, I think SAML federation is an ideal solution
> for this application. The piece I don’t know how to advise him on is
> getting a SAML SP-like widget in front of the AWS Lambda stuff. Thanks!
> We're developing a new application. Most of our users are part of
> Northwestern, but we occasionally need to collaborate with faculty members
> from other nearby universities, so they need to log in.
> The app is written in PHP and being deployed on AWS Lambda w/ API Gateway
> serving as the "web server". For Northwestern logins, we're using Azure
> AD's OAuth2 APIs and a PHP library to process the callback.
> I need to figure out the simplest way of permitting SAML logins from other
> universities. (From there, the app can do authorization -- it'll already
> know who has been invited to collaborate on a project.)
> Phil Tracy
> Lead Developer
> Northwestern IT, Identity Services
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users