SCIM profile and SAML 2.0 implementation
Both SCIM and SAML are important considerations for configuring IAM Identity Center.
SAML 2.0 implementation
IAM Identity Center supports identity federation with SAML (Security Assertion Markup Language).
IAM Identity Center adds SAML IdP capabilities to your IAM Identity Center store, AWS Managed Microsoft AD, or an external identity provider. Users can then use single sign-on to access services that support SAML, including the AWS Management Console and third-party applications such as Microsoft 365, Concur, and Salesforce.
The SAML protocol, however, doesn't provide a way to query the IdP to learn about users and groups. Therefore, you must make IAM Identity Center aware of those users and groups by provisioning them into IAM Identity Center.
SCIM profile
IAM Identity Center provides support for the System for Cross-domain Identity Management (SCIM) v2.0 standard. SCIM keeps your IAM Identity Center identities in sync with identities from your IdP. This includes any provisioning, updates, and deprovisioning of users between your IdP and IAM Identity Center.
For more information about how to implement SCIM, see Provisioning an external identity provider into IAM Identity Center using SCIM. For additional details about IAM Identity Center’s SCIM implementation, see the IAM Identity Center SCIM Implementation Developer Guide.
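The provisioning, update, and deprovisioning actions described above, as an added Python example that is not AWS code: it compares the IdP's users with the provisioned copy and plans the SCIM 2.0 requests needed to close the gap. The schema URNs and the `/Users` endpoint come from the SCIM 2.0 RFCs (7643/7644); the synced attribute set, the sample users and resource ids, and the use of DELETE for deprovisioning are assumptions, not IAM Identity Center specifics.

```python
# Added example: plan SCIM 2.0 requests (RFC 7643/7644) from an IdP diff.
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
SYNCED_ATTRS = ("givenName", "familyName", "active")  # assumed attribute set


def plan_scim_sync(idp_users, provisioned):
    """Return a list of (method, path, body) SCIM requests.
    idp_users:   userName -> attributes, as held by the IdP (source of truth)
    provisioned: userName -> attributes plus the SCIM resource "id"
    """
    plan = []
    for name, attrs in sorted(idp_users.items()):
        current = provisioned.get(name)
        if current is None:
            # Provisioning: the user exists only in the IdP.
            plan.append(("POST", "/Users", {
                "schemas": [USER_SCHEMA],
                "userName": name,
                "name": {"givenName": attrs["givenName"],
                         "familyName": attrs["familyName"]},
                "active": attrs["active"],
            }))
            continue
        # Update: send only the attributes that drifted.
        ops = []
        for key in SYNCED_ATTRS:
            if attrs[key] != current[key]:
                path = key if key == "active" else f"name.{key}"
                ops.append({"op": "replace", "path": path, "value": attrs[key]})
        if ops:
            plan.append(("PATCH", f"/Users/{current['id']}",
                         {"schemas": [PATCH_SCHEMA], "Operations": ops}))
    # Deprovisioning: accounts the IdP no longer has must not stay usable.
    for name in sorted(set(provisioned) - set(idp_users)):
        plan.append(("DELETE", f"/Users/{provisioned[name]['id']}", None))
    return plan


# Constructed sample data (hypothetical users and resource ids).
IDP = {
    "alice@example.com": {"givenName": "Alice", "familyName": "Ng", "active": True},
    "bob@example.com": {"givenName": "Bob", "familyName": "Diaz", "active": False},
}
STORE = {
    "bob@example.com": {"id": "id-bob", "givenName": "Bob", "familyName": "Diaz", "active": True},
    "carol@example.com": {"id": "id-carol", "givenName": "Carol", "familyName": "Roy", "active": True},
}
PLAN = plan_scim_sync(IDP, STORE)
```

The DELETE entries are the ones to review first: each is an account that could still receive a SAML sign-in even though the IdP no longer lists the user.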