The blog explains the steps to set up SAML federation in Amazon Cognito using IdP-initiated single sign-on. It covers the configuration of the SAML IdP, including enabling encrypted SAML assertions, setting up RelayState in SAML SSO, and integrating Entra ID as an enterprise application. The post also guides users on enabling SAML request signing for added security in SP-initiated flows.

Learn how to set up SAML federation in Amazon Cognito with IdP-initiated SSO, request signing, and encrypted assertions.

The tutorial provides detailed instructions on adding the SAML IdP to the user pool app client and testing both IdP-initiated and SP-initiated SSO flows, ensuring a secure authentication process with cryptographic signature verification.
https://aws.amazon.com/blogs/security/how-to-set-up-saml-federation-in-amazon-cognito-using-idp-initiated-single-sign-on-request-signing-and-encrypted-assertions/