'How to integrate IDP-initiated SSO with AWS API gateway using Auth0?

I have a React App + Set of lambda's which are using JWT api gateway authorizer (using cognito user pool as IDP)

Additionally I have an Auth0 app + SAML IDP-initiated enterprise connection which direct the logged users in my React App along with SAML assertion.

What will be the best and simplest solution to enable users who are directed to the React app with the SAML to be authorized in the API gateway?

I have came up with this possible solution: create a custom API gateway authorizer which will accept the SAML assertion and will validate it using passport.

  1. Is my solution applicable?
  2. Is there an existing solution (code reference) for such authorizer? (could not find such...)
  3. Are there simpler \ better solutions?
aws-api-gatewayamazon-cognitosamlauth0


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Logging into SAML/Shibboleth authenticated server using python

Configuring Oracle APEX to use SAML authentication

SAML response and assertion is signed/unsigned?

Why is Cognito rejecting my SAML assertion?

Howto disable signature verification in Spring Security SAML 5.6.1?

InResponseToField error after Spring Session upgrade

How to change outgoing claims for SAML based SSO in Azure AD?

Sustainsys.Saml2 - Saml2/Acs endpoint returns Error 500 when processing SSO

How to get metadata xml for SAML IdP initiated SSO

AADSTS75011 Authentication method by which the user authenticated with the service doesn't match requested authentication method AuthnContextClassRef

Get expiration date of signing certificate(s) within a SAML metadata file

Shibboleth IDP with ADB2C integration

How can I diagnose the cause of AWS Cognito's SAML assertion processing errors?

Using an API key in Amazon API Gateway

Does AWS API Gateway private integration with ALB works with ALB https listener