Amazon AppStream 2.0
Developer Guide

AppStream 2.0 Integration with SAML 2.0

For more information about additional supported SAML providers, see Integrating Third-Party SAML Solution Providers with AWS in the IAM User Guide.

The following links help you configure third-party SAML 2.0 identity provider solutions to work with AppStream 2.0.

Identity provider solution More information
Ping Identity Configuring an SSO connection to Amazon AppStream 2.0 — This page on the Ping Identity website describes how to set up single sign- on (SSO) to AppStream 2.0.
Okta How to Configure SAML 2.0 for Amazon AppStream 2.0 — This article on the Okta website describes how to use Okta to set up SAML federation to AppStream 2.0. For stacks that are joined to a domain, the "Application username format" must be set to "AD user principal name".
Microsoft Active Directory Federation Services (ADFS) Enabling Identity Federation with AD FS 3.0 and Amazon AppStream 2.0 — This post on the AWS Compute Blog describes how to provide users with single sign-on access to AppStream 2.0 by using their existing enterprise credentials. You can configure federated identities for AppStream 2.0 by using Active Directory Federation Services (AD FS) 3.0.
Shibboleth How to Use Shibboleth for Single Sign-On to the AWS Management Console — This post on the AWS Security Blog describes how to set up federation to the AWS Management Console by using Active Directory and Shibboleth. After you create the setup to federate to the console as described in the post, you can edit the relay state provided in the post with the relay state of your AppStream 2.0 stack.

For solutions to common problems you may encounter, see Troubleshooting.