Map attributes in your application to IAM Identity Center attributes

Some service providers require custom SAML assertions to pass additional data about your user sign-ins. In that case, use the following procedure to specify how your applications user attributes should map to corresponding attributes in IAM Identity Center.

To map application attributes to attributes in IAM Identity Center

Open the IAM Identity Center console.
Choose Applications.
In the list of applications, choose the application where you want to map attributes.
On the application details page, choose the Actions and then choose Edit attribute mapping.
Choose Add new attribute mapping.
In the first text box, enter the application attribute.
In the second text box, enter the attribute in IAM Identity Center that you want to map to the application attribute. For example, you might want to map the application attribute Username to the IAM Identity Center user attribute email. To see the list of allowed user attributes in IAM Identity Center, see the table in Attribute mappings for AWS Managed Microsoft AD directory.
In the third column of the table, choose the appropriate format for the attribute from the menu.
Choose Save changes.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Remove user access

Resiliency design and Regional behavior