Step 1: Enable IAM Identity Center

Note

If you did not activate multi-factor authentication (MFA) for your root user, complete Step 3: Activate MFA for your AWS account root user before you proceed.

To enable IAM Identity Center

Sign in to the AWS Management Console as the account owner by choosing Root user and entering your AWS account email address. On the next page, enter your password.
Open the IAM Identity Center console.
Under Enable IAM Identity Center, choose Enable.
IAM Identity Center requires AWS Organizations. If you haven't set up an organization, you must choose whether to have AWS create one for you. Choose Create AWS organization to complete this process.

AWS Organizations automatically sends a verification email to the address that is associated with your management account. There might be a delay before you receive the verification email. Verify your email address within 24 hours.

Note

If you are using a multi-account environment, we recommend that you configure delegated administration. With delegated administration, you can limit the number of people who require access to the management account in AWS Organizations. For more information, see Delegated Administration in the AWS IAM Identity Center User Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Part 2: Create an administrative user in IAM Identity Center

Step 2: Choose your identity source