Getting started tutorials

You can connect your existing identity source in your AWS Organizations management account to an organization instance of IAM Identity Center. If you don't have an existing identity provider, you can create and manage users directly in the default IAM Identity Center directory. You can have one identity source per organization.

The tutorials in this section describe how to set up an organization instance of IAM Identity Center with a commonly used identity source, create an administrative user, and if you're using IAM Identity Center to manage access to AWS accounts, create and configure permission sets. If you’re using IAM Identity Center for application access only, you do not need to use permission sets.

These tutorials do not describe how to set up account instances of IAM Identity Center. You can use account instances to assign users and groups to applications, but you cannot use this instance type to manage user access to AWS accounts. For more information, see Account instances of IAM Identity Center.

Note

Before starting any of these tutorials, enable IAM Identity Center. For more information, see Enabling AWS IAM Identity Center.

Topics

• Using Active Directory as an identity source
• Setting up SCIM provisioning between CyberArk and IAM Identity Center
• Configure SAML and SCIM with Google Workspace and IAM Identity Center
• Using IAM Identity Center to connect with your JumpCloud Directory Platform
• Configure SAML and SCIM with Microsoft Entra ID and IAM Identity Center
• Configure SAML and SCIM with Okta and IAM Identity Center
• Setting up SCIM provisioning between OneLogin and IAM Identity Center
• Using Ping Identity products with IAM Identity Center
• Configure user access with the default IAM Identity Center directory