Security Assertion Markup Language (SAML) is an open standard that is used to securely exchange authentication and authorization data between a SAML identity provider and a service provider.
Create and update your IAM SAML provider, a trust relationship between a SAML 2.0 IdP and AWS.
To enable users to sign in to AppStream 2.0 by using their existing credentials, and start streaming applications, you can set up identity federation using SAML 2.0. To do this, use an IAM role and...
Enable WorkSpaces client application registration and signing in to WorkSpaces for your users by using their SAML 2.0 identity provider (IdP) credentials and authentication methods by setting up id...
| Attribute | Description |
| --- | --- |
| NameID | The value of this assertion must be the same as the Microsoft Entra user’s ImmutableID. It can be up to 64 alphanumeric characters. Any non-HTML-safe characters must be encoded, for example a “+” character is shown as “.2B”. |
| IDPEmail | The User Principal Name (UPN) is listed in the SAML response as an element with the name IDPEmail. The user’s UserPrincipalName (UPN) in Microsoft Entra ID / Microsoft 365. The UPN is in email address format. UPN value in Windows Microsoft 365 (Microsoft Entra ID). |
| Issuer | Required to be a URI of the identity provider. Don't reuse the Issuer from the sample messages. If you have multiple top-level domains in your Microsoft Entra tenants, the Issuer must match the specified URI setting configured per domain. |
- When the flow is initiated by the IdP. For example, when users choose an application in the IdP user portal in a web browser.
- When the flow is initiated by the WorkSpaces client. For example, when users open the client application and sign in.
- When the flow is initiated by WorkSpaces Web Access. For example, when users open Web Access in a browser and sign in.
Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization identities between security domains. SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal...
web identity federation. However, SAML 2.0–based IdPs in your organization handle many of the details at run time for performing authentication and authorization checking. This is the...
| Solution | More information |
| --- | --- |
| Auth0 | Integrate with Amazon Web Services – This page on the Auth0 documentation website has links to resources that describe how to set up single sign-on (SSO) with the AWS Management Console and includes a JavaScript example. You can configure Auth0 to pass |
| Microsoft Entra | Tutorial: Microsoft Entra SSO integration with AWS Single-Account Access |
| Centrify | Configure Centrify and Use SAML for SSO to AWS – This page on the Centrify website explains how to configure Centrify to use SAML for SSO to AWS. |