27.20 Configuring Integration with Amazon Web Services Single Sign-On

This section describes the configuration required to integrate Advanced Authentication with Amazon Web Services Single Sign-On (AWS SSO). This integration secures the connection with Advanced Authentication verification methods and allows users to seamlessly access AWS services after successful SAML authentication.

After the integration, Advanced Authentication serves as an Identity Provider and AWS Single Sign-On serves as a Service Provider.

To configure the integration of Advanced Authentication with AWS Single Sign-On, perform the following tasks:

Ensure that the following requirements are met:

  • AWS SSO is intended for organizations. Use your existing organization or create one.

    For more information, see Create an Organization.

  • Make sure the repository that you are using contains users with email addresses specified. You cannot use the LOCAL repository in Advanced Authentication because local users do not have an email address.

  • Add users’ details to AWS.

    NOTE: The username of each user in AWS must be the user’s email address; otherwise, you cannot map the user account. If the mapping is not valid, SAML authentication might fail.