SAML federation - AWS IAM Identity Center (successor to AWS Single Sign-On)

SAML federation

IAM Identity Center supports identity federation with SAML (Security Assertion Markup Language) 2.0. SAML 2.0 is an industry standard for securely exchanging SAML assertions, which pass information about a user between a SAML authority (called an identity provider or IdP) and a SAML consumer (called a service provider or SP). IAM Identity Center uses this information to provide federated single sign-on access for users who are authorized to use applications within the AWS access portal.

IAM Identity Center adds SAML IdP capabilities to either your AWS Managed Microsoft AD or your IAM Identity Center identity store. Users can then use single sign-on to access services that support SAML, including the AWS Management Console and third-party applications such as Microsoft 365, SAP Concur, and Salesforce.