The generic SAML connector does not provide any user specific attributes, which are required for using SAML with AWS Cognito. Cognito relies on attributes as a map of information from the SAML token to the OIDC token it generates.
There are several reasons we want to use Cognito:
1. It is a better use for end-user login, but integration with the Directory service allows internal users to keep their credentials in one place.
2. Elasticsearch now allows Cognito to be used for authentication to its built-in Kibana.
3. Allows for testing of additional SAML connections with Cognito.
At the very least, I need the email address attribute passed through. First and last name would also be nice, but not required. Documentation will probably be needed to let users know what attributes are being sent, but decoding the SAML token is easy enough to see the attributes.
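The post notes that decoding the SAML token is enough to see which attributes an IdP actually sends. The following script, added here as an example and not taken from the post or from any AWS or connector code, base64-decodes a `SAMLResponse` value, lists the attributes in its `AttributeStatement`, and maps them onto OIDC-style claim names the way a Cognito attribute mapping would. Both sample assertions are constructed inline (one carrying email, given name and surname; one carrying only a `NameID`, as a connector with no attribute support would produce), the attribute URIs and the `ATTRIBUTE_TO_CLAIM` mapping are assumptions, and the required-claim check is there to flag the exact failure mode described above: an assertion that arrives without the `email` attribute.

```python
"""Inspect the attributes carried by a SAML Response (added example).

Decodes a base64 SAMLResponse, enumerates AttributeStatement attributes,
maps them to OIDC-style claim names and reports which required claims
are missing. Attribute URIs and the mapping are assumptions, not any
specific IdP's or Cognito's fixed values.
"""
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed sample: unsigned assertion WITH user attributes.
SAMPLE_WITH_ATTRIBUTES = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_resp1" Version="2.0">
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">alice@example.com</saml:NameID>
    </saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
        <saml:AttributeValue>alice@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
        <saml:AttributeValue>Alice</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
        <saml:AttributeValue>Liddell</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""

# Constructed sample: NameID only, no AttributeStatement (the "generic connector" case).
SAMPLE_NAMEID_ONLY = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_resp2" Version="2.0">
  <saml:Assertion ID="_a2" Version="2.0">
    <saml:Subject>
      <saml:NameID>alice</saml:NameID>
    </saml:Subject>
  </saml:Assertion>
</samlp:Response>"""

# The SAMLResponse form field is base64-encoded XML; encode the samples the same way.
B64_WITH_ATTRIBUTES = base64.b64encode(SAMPLE_WITH_ATTRIBUTES.encode()).decode()
B64_NAMEID_ONLY = base64.b64encode(SAMPLE_NAMEID_ONLY.encode()).decode()

# Hypothetical mapping: SAML attribute name -> OIDC claim name.
ATTRIBUTE_TO_CLAIM = {
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "email",
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "given_name",
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "family_name",
}

REQUIRED_CLAIMS = ("email",)  # email is the one attribute the post says it needs


def decode_saml_response(b64: str) -> ET.Element:
    """Base64-decode a SAMLResponse value and parse the XML (no signature check)."""
    return ET.fromstring(base64.b64decode(b64))


def list_attributes(root: ET.Element) -> dict:
    """Return {attribute Name: [values]} from every AttributeStatement in the response."""
    attrs = {}
    for attr in root.findall(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
        attrs[attr.get("Name")] = values
    return attrs


def map_to_claims(attrs: dict, mapping: dict = ATTRIBUTE_TO_CLAIM) -> dict:
    """Translate SAML attributes to claim names; first value wins for multi-valued attributes."""
    claims = {}
    for name, values in attrs.items():
        claim = mapping.get(name)
        if claim and values:
            claims[claim] = values[0]
    return claims


def missing_required(claims: dict, required=REQUIRED_CLAIMS) -> list:
    """List the required claims that the assertion did not supply."""
    return [c for c in required if c not in claims]


if __name__ == "__main__":
    for label, b64 in (("with attributes", B64_WITH_ATTRIBUTES), ("NameID only", B64_NAMEID_ONLY)):
        claims = map_to_claims(list_attributes(decode_saml_response(b64)))
        print(label, "->", claims, "missing:", missing_required(claims))
```

The script only inspects what an IdP sends; it does not verify the assertion's signature, so its output tells you which attributes to document and map, not whether a given assertion should be trusted.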