Amazon Web Services (AWS) supports identity-provider-initiated single sign-on (SSO). AWS can be integrated with the WSO2 Identity Cloud as described in this topic to provide SSO for users of this application.
- Log in to the Identity Cloud.
- Click Download IDP metadata to download the metadata XML file.
- Go to https://aws.amazon.com and sign in to the AWS Management Console using a valid AWS account.
- In the AWS services page, under Security, Identity & Compliance, click IAM.
- In the left navigation panel, click Identity providers.
- Create an identity provider by selecting SAML as the provider type, entering a provider name, and uploading the metadata XML file.
- In the left navigation panel, click Roles.
- Enter a unique role name and click Next Step at the bottom of the page.
- In the Select role type page, select Role for Identity Provider Access, and then select Grant Web Single Sign-On (WebSSO) access to SAML providers. (The two options offered are Grant Web Single Sign-On (SSO) access to SAML identity providers and Grant API access to SAML identity providers.)
- In the Establish trust page, select the provider that you are creating the role for (i.e. wso2_identity_cloud).
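The same provider-and-role setup done with the AWS CLI, as an added example (not WSO2's or AWS's own code); it assumes AWS CLI v2 with IAM permissions, the downloaded metadata saved as ./idp-metadata.xml, and a constructed placeholder account id 123456789012. The trust policy it writes is the one the Grant Web Single Sign-On option produces, and the SAML audience condition in it is what a practitioner should verify on the finished role.

```shell
#!/bin/sh
# Added example (not WSO2's or AWS's own code): the console steps above done with
# the AWS CLI. Assumes AWS CLI v2 with IAM permissions, the IdP metadata saved as
# ./idp-metadata.xml, and a constructed placeholder account id 123456789012.

# ARN IAM assigns to a SAML provider in the given account.
saml_provider_arn() {
  printf 'arn:aws:iam::%s:saml-provider/%s\n' "$1" "$2"
}

# Trust policy equivalent to "Grant Web Single Sign-On (SSO) access": only this
# provider may call AssumeRoleWithSAML, and only with an assertion whose Audience
# is the AWS sign-in endpoint. Verify the Condition is present on the created
# role; without it STS does not check which service the assertion was issued for.
make_trust_policy() {
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "Federated": "$(saml_provider_arn "$1" "$2")" },
      "Action": "sts:AssumeRoleWithSAML",
      "Condition": {
        "StringEquals": { "SAML:aud": "https://signin.aws.amazon.com/saml" }
      }
    }
  ]
}
EOF
}

# IAM calls; run only when explicitly requested so the file can be sourced and
# the policy inspected without touching an account.
apply() {
  account="$1"; provider="$2"; role="$3"; metadata="$4"
  aws iam create-saml-provider --name "$provider" \
    --saml-metadata-document "file://$metadata"
  make_trust_policy "$account" "$provider" > /tmp/trust-policy.json
  aws iam create-role --role-name "$role" \
    --assume-role-policy-document file:///tmp/trust-policy.json
  # Permissions the federated session receives; ReadOnlyAccess as a least-privilege start.
  aws iam attach-role-policy --role-name "$role" \
    --policy-arn arn:aws:iam::aws:policy/ReadOnlyAccess
}

if [ "${WSO2_AWS_APPLY:-0}" = "1" ]; then
  apply 123456789012 wso2_identity_cloud wso2-websso-readonly ./idp-metadata.xml
fi
```

Run with WSO2_AWS_APPLY=1 to execute the IAM calls; the role name and the ReadOnlyAccess policy are placeholders to replace with what the users of the application actually need.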