GetIdentityProviderByIdentifier
Given the identifier of an identity provider (IdP), for example examplecorp, returns information about the user pool configuration for that IdP. For more information about IdPs, see Third-party IdP sign-in.
Request Syntax
{
   "IdpIdentifier": "string",
   "UserPoolId": "string"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- IdpIdentifier
  The identifier that you assigned to your user pool. The identifier is an alternative name for an IdP that is distinct from the IdP name. For example, an IdP with a name of MyIdP might have an identifier of the email domain example.com.
  Type: String
  Length Constraints: Minimum length of 1. Maximum length of 40.
  Pattern: [\w\s+=.@-]+
  Required: Yes
- UserPoolId
  The ID of the user pool where you want to get information about the IdP.
  Type: String
  Length Constraints: Minimum length of 1. Maximum length of 55.
  Pattern: [\w-]+_[0-9a-zA-Z]+
  Required: Yes
Response Syntax
{
   "IdentityProvider": { 
      "AttributeMapping": { 
         "string" : "string" 
      },
      "CreationDate": number,
      "IdpIdentifiers": [ "string" ],
      "LastModifiedDate": number,
      "ProviderDetails": { 
         "string" : "string" 
      },
      "ProviderName": "string",
      "ProviderType": "string",
      "UserPoolId": "string"
   }
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- IdentityProvider
  The configuration of the IdP in your user pool. Includes additional identifiers, the IdP name and type, and trust-relationship details like the issuer URL.
  Type: IdentityProviderType object
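As an added example (not AWS code), the following Python validates the two request parameters against the constraints documented above and reviews the trust-relationship details of a returned SAML IdentityProvider object. The findings are this example's own review heuristics, ASCII-only matching is its stricter assumption, and the sample object is constructed, shortened from the Sample Response on this page.

```python
import re
import xml.etree.ElementTree as ET

# Constraints copied from the Request Parameters section of this page.
# re.ASCII is an assumption of this example (stricter than Unicode \w).
IDP_IDENTIFIER = re.compile(r"[\w\s+=.@-]{1,40}", re.ASCII)
USER_POOL_ID = re.compile(r"[\w-]+_[0-9a-zA-Z]+", re.ASCII)
MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

def build_request(idp_identifier, user_pool_id):
    """Validate both parameters locally and return the JSON request body."""
    if not IDP_IDENTIFIER.fullmatch(idp_identifier):
        raise ValueError("IdpIdentifier violates documented pattern or length")
    if len(user_pool_id) > 55 or not USER_POOL_ID.fullmatch(user_pool_id):
        raise ValueError("UserPoolId violates documented pattern or length")
    return {"IdpIdentifier": idp_identifier, "UserPoolId": user_pool_id}

def audit_saml_idp(idp):
    """Return review findings for one SAML IdentityProvider object.
    The checks are this example's heuristics, not rules enforced by AWS."""
    findings = []
    details = idp.get("ProviderDetails", {})
    for key in ("SSORedirectBindingURI", "SLORedirectBindingURI"):
        if key in details and not details[key].startswith("https://"):
            findings.append(f"{key} is not HTTPS")
    # MetadataFile comes from your own pool here; use defusedxml for untrusted XML.
    root = ET.fromstring(details.get("MetadataFile", "<empty/>"))
    sso = {e.get("Location") for e in root.iter(MD + "SingleSignOnService")}
    if details.get("SSORedirectBindingURI") not in sso:
        findings.append("SSORedirectBindingURI not listed in metadata")
    keys = [k for k in root.iter(MD + "KeyDescriptor") if k.get("use") == "signing"]
    if not keys:
        findings.append("metadata has no signing KeyDescriptor")
    return findings

# Constructed sample, shortened from the Sample Response on this page.
SAMPLE_METADATA = (
    '<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" '
    'entityID="http://www.example.com/saml"><md:IDPSSODescriptor>'
    '<md:KeyDescriptor use="signing"/>'
    '<md:SingleSignOnService Location="https://example.com/sso/saml"/>'
    '</md:IDPSSODescriptor></md:EntityDescriptor>')
SAMPLE_IDP = {"ProviderName": "Corp-SSO", "ProviderType": "SAML", "ProviderDetails": {
    "MetadataFile": SAMPLE_METADATA,
    "SSORedirectBindingURI": "https://example.com/sso/saml",
    "SLORedirectBindingURI": "https://example.com/slo/saml"}}

if __name__ == "__main__":
    print(build_request("MySSO", "us-west-2_EXAMPLE"))
    print(audit_saml_idp(SAMPLE_IDP))
```

Pass the `IdentityProvider` value from a real response to `audit_saml_idp` to review a live pool.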
Errors
For information about the errors that are common to all actions, see Common Errors.
- InternalErrorException
  This exception is thrown when Amazon Cognito encounters an internal error.
  - message
    The message returned when Amazon Cognito throws an internal error exception.
  HTTP Status Code: 500
- InvalidParameterException
  This exception is thrown when the Amazon Cognito service encounters an invalid parameter.
  - message
    The message returned when the Amazon Cognito service throws an invalid parameter exception.
  - reasonCode
    The reason code of the exception.
  HTTP Status Code: 400
- NotAuthorizedException
  This exception is thrown when a user isn't authorized.
  - message
    The message returned when the Amazon Cognito service returns a not authorized exception.
  HTTP Status Code: 400
- ResourceNotFoundException
  This exception is thrown when the Amazon Cognito service can't find the requested resource.
  - message
    The message returned when the Amazon Cognito service returns a resource not found exception.
  HTTP Status Code: 400
- TooManyRequestsException
  This exception is thrown when the user has made too many requests for a given operation.
  - message
    The message returned when the Amazon Cognito service returns a too many requests exception.
  HTTP Status Code: 400
Examples
Example
The following example request returns the details of the IdP with the identifier MySSO.
Sample Request
POST / HTTP/1.1
Host: cognito-idp.us-west-2.amazonaws.com
X-Amz-Date: 20230613T200059Z
Accept-Encoding: gzip, deflate, br
X-Amz-Target: AWSCognitoIdentityProviderService.GetIdentityProviderByIdentifier
User-Agent: <UserAgentString>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=<Headers>, Signature=<Signature>
Content-Length: <PayloadSizeBytes>

{
   "IdpIdentifier": "MySSO",
   "UserPoolId": "us-west-2_EXAMPLE"
}
Sample Response
HTTP/1.1 200 OK
Date: Tue, 13 Jun 2023 20:00:59 GMT
Content-Type: application/x-amz-json-1.0
Content-Length: <PayloadSizeBytes>
x-amzn-requestid: a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111
Connection: keep-alive

{
    "IdentityProvider": {
        "AttributeMapping": {
            "email": "idp_email"
        },
        "CreationDate": 1643741231.169,
        "IdpIdentifiers": [
            "MySSO"
        ],
        "LastModifiedDate": 1703798328.069,
        "ProviderDetails": {
            "ActiveEncryptionCertificate": "[Certificate text]",
            "IDPSignout": "false",
            "MetadataFile": "<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" entityID=\"http://www.example.com/saml\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>CERTIFICATE_DATA</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://example.com/slo/saml\"/><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://example.com/slo/saml\"/><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://example.com/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://example.com/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
            "SLORedirectBindingURI": "https://example.com/slo/saml",
            "SSORedirectBindingURI": "https://example.com/sso/saml"
        },
        "ProviderName": "Corp-SSO",
        "ProviderType": "SAML",
        "UserPoolId": "us-west-2_EXAMPLE"
    }
}