Additional PagesSSO Self-Service Onboarding |
...
metadata_url
SSO SAML form
identifiers:
saml.corestrengths.comemail attribute mapping
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/email
metadata url
NOTE: DO NOT USE THIS FOR CUSTOMERS
https://login.microsoftonline.com/2255232a-4dba-484e-8dad-53bf9950a79d/federationmetadata/2007-06/federationmetadata.xml?appid=96ccd567-a990-4dfc-a331-6e20d5b35291
...
Current IAM Authentication page-ish looks very similar to the following mock
...
Clicking on the SSO tab, for example, would bring one to a new authentication page akin the following mock
...
Entering an email here allows us to ask Cognito for the correct Identity Provider. Having that, we can redirect to the Federations authentication page. This page is outside of corestrengths.com and manages all the things auth related for said Federation, e.g. logging in, resetting passwords etc. If someone is already logged into this Federation, they are automatically redirected to redirect_uri with a code parameter and whatever state parameter we sent… and technical things begin to happen… ultimately leading to being redirected to our landing page… all on behalf of the person clicking SIGN IN.