AWS Single Sign-On endpoints and quotas
The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.
Service endpoints
AWS SSO
| Region Name | Region | Endpoint | Protocol |
|---|---|---|---|
| US East (Ohio) | us-east-2 | sso.us-east-2.amazonaws.com | HTTPS |
| US East (N. Virginia) | us-east-1 | sso.us-east-1.amazonaws.com | HTTPS |
| US West (Oregon) | us-west-2 | sso.us-west-2.amazonaws.com | HTTPS |
| Asia Pacific (Mumbai) | ap-south-1 | sso.ap-south-1.amazonaws.com | HTTPS |
| Asia Pacific (Seoul) | ap-northeast-2 | sso.ap-northeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Singapore) | ap-southeast-1 | sso.ap-southeast-1.amazonaws.com | HTTPS |
| Asia Pacific (Sydney) | ap-southeast-2 | sso.ap-southeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Tokyo) | ap-northeast-1 | sso.ap-northeast-1.amazonaws.com | HTTPS |
| Canada (Central) | ca-central-1 | sso.ca-central-1.amazonaws.com | HTTPS |
| Europe (Frankfurt) | eu-central-1 | sso.eu-central-1.amazonaws.com | HTTPS |
| Europe (Ireland) | eu-west-1 | sso.eu-west-1.amazonaws.com | HTTPS |
| Europe (London) | eu-west-2 | sso.eu-west-2.amazonaws.com | HTTPS |
| Europe (Paris) | eu-west-3 | sso.eu-west-3.amazonaws.com | HTTPS |
| Europe (Stockholm) | eu-north-1 | sso.eu-north-1.amazonaws.com | HTTPS |
| South America (São Paulo) | sa-east-1 | sso.sa-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (US-West) | us-gov-west-1 |
sso.us-gov-west-1.amazonaws.com sso.us-gov-west-1.amazonaws.com |
HTTPS HTTPS |
Identity Store
| Region Name | Region | Endpoint | Protocol |
|---|---|---|---|
| US East (Ohio) | us-east-2 | identitystore.us-east-2.amazonaws.com | HTTPS |
| US East (N. Virginia) | us-east-1 | identitystore.us-east-1.amazonaws.com | HTTPS |
| US West (Oregon) | us-west-2 | identitystore.us-west-2.amazonaws.com | HTTPS |
| Asia Pacific (Mumbai) | ap-south-1 | identitystore.ap-south-1.amazonaws.com | HTTPS |
| Asia Pacific (Seoul) | ap-northeast-2 | identitystore.ap-northeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Singapore) | ap-southeast-1 | identitystore.ap-southeast-1.amazonaws.com | HTTPS |
| Asia Pacific (Sydney) | ap-southeast-2 | identitystore.ap-southeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Tokyo) | ap-northeast-1 | identitystore.ap-northeast-1.amazonaws.com | HTTPS |
| Canada (Central) | ca-central-1 | identitystore.ca-central-1.amazonaws.com | HTTPS |
| Europe (Frankfurt) | eu-central-1 | identitystore.eu-central-1.amazonaws.com | HTTPS |
| Europe (Ireland) | eu-west-1 | identitystore.eu-west-1.amazonaws.com | HTTPS |
| Europe (London) | eu-west-2 | identitystore.eu-west-2.amazonaws.com | HTTPS |
| Europe (Stockholm) | eu-north-1 | identitystore.eu-north-1.amazonaws.com | HTTPS |
| AWS GovCloud (US-West) | us-gov-west-1 |
identitystore.us-gov-west-1.amazonaws.com identitystore.us-gov-west-1.amazonaws.com |
HTTPS HTTPS |
Service quotas
| Name | Default | Adjustable |
|---|---|---|
| File size of service provider SAML certificates (in PEM format) | All supported Regions: 2 Kilobytes | No |
| Number of groups supported in AWS SSO | All supported Regions: 10,000 | No |
| Number of permission sets allowed in AWS SSO | All supported Regions: 500 |
Yes |
| Number of permission sets allowed per AWS account | All supported Regions: 50 |
Yes |
| Number of unique directory groups that can be assigned | All supported Regions: 2,500 |
Yes |
| Number of unique groups that can be used to evaluate the permissions for a user | All supported Regions: 500 | No |
| Number of users supported in AWS SSO | All supported Regions: 50,000 | No |
| Total number of AWS accounts or applications that can be configured | All supported Regions: 500 |
Yes |
For more information, see AWS Single Sign-On quotas in the AWS Single Sign-On User Guide.
