I am using OneLogin as the IdP and AWS Cognito as the SP. SP-initiated login is working fine. But when I click on App Portal / Home -> my application, it redirects to Cognito with the error prompt "Invalid relayState from identity provider". I checked that the relay state parameter in the OneLogin configuration is correct, like https://***:81/login, which is our login page URL.
1 Answer
14
Cognito only supports SP initiated flow.
So the flow must go Cognito Authorize endpoint -> IDP -> back to Cognito.
callo
- You need to log in using the Cognito Authorize endpoint, such as `https://yourDomainPrefix.auth.region.amazoncognito.com/oauth2/authorize?response_type=token&identity_provider=samlProviderName&client_id=yourClientId&redirect_uri=redirectUrl&scope=allowedOauthScopes` – Stephane Nov 04 '22 at 13:15
- Yes! That's mentioned in the article [SAML session initiation in Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-SAML-session-initiation.html). – Vikram Singh Saini Jun 22 '23 at 00:31
