Create a SAML 2.0 application - Innovation Sandbox on AWS


In this step, you federate your Identity Provider (IdP) to IAM Identity Center through SAML 2.0, and use IAM Identity Center to manage user access to the solution.

  1. Log in to the AWS IAM Identity Center console.

  2. From the left pane, under Application assignments, choose Applications.

  3. On the Applications page, on the Customer managed tab, choose Add application.

  4. On the Select application type page, under Setup preference, choose I have an application I want to set up.

  5. Under Application type, choose SAML 2.0, and choose Next.

  6. On the Configure application page, under Configure application,

    • Enter a Display name for the application, such as MyISBApp.

    • Enter a description.

  7. Under Application metadata, choose Manually type your metadata values, and provide the Application ACS URL and Application SAML audience values.

    • Application ACS URL: The URL of the CloudFront distribution (or alternate domain name associated with the distribution) from the Compute stack output appended with /api/auth/login/callback. For example: <ISB_WEB_URL>/api/auth/login/callback where ISB_WEB_URL is the CloudFront Distribution URL or alternate domain (for example: https://duyXXXXXXXeh.cloudfront.net/api/auth/login/callback). To view the Compute stack outputs, navigate to the AWS CloudFormation > Stacks > Outputs tab, in the account where you have deployed the Compute stack.

    • Application SAML audience: The audience used to identify the service provider (in this case, Innovation Sandbox web application) configured to consume the SAML assertion. For example: Isb-<NAMESPACE>-Audience.

  8. Choose Submit. The Application details page displays.
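The two values entered in step 7 are what the service provider later uses to decide whether a SAML assertion was actually meant for it: the Application ACS URL should match the Response's Destination and the SubjectConfirmationData Recipient, and the Application SAML audience should appear in the assertion's AudienceRestriction. The following is an added example (not code from the Innovation Sandbox on AWS solution) that derives both values from the Compute stack URL and namespace and then checks a SAML Response against them. The CloudFront domain, namespace, IdP issuer and the SAML XML are all constructed for illustration; signature verification is assumed to have been done already by the SP's SAML library.

```python
"""Check that a SAML Response is addressed to the configured ACS URL and
audience.

Added example, not part of the Innovation Sandbox solution. The sample
domain, namespace, issuer and XML below are constructed for illustration.
Signature verification is out of scope here and must precede these checks.
"""
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}
CALLBACK_PATH = "/api/auth/login/callback"  # from the procedure above


def build_acs_url(web_url: str) -> str:
    """Application ACS URL: CloudFront URL or alternate domain + callback path."""
    web_url = web_url.rstrip("/")
    if not web_url.startswith("https://"):
        raise ValueError("the ACS URL must use https")
    return web_url + CALLBACK_PATH


def build_audience(namespace: str) -> str:
    """Application SAML audience: Isb-<NAMESPACE>-Audience."""
    return f"Isb-{namespace}-Audience"


def check_response(xml_text: str, acs_url: str, audience: str) -> list:
    """Return a list of problems; an empty list means the Response targets us.

    Parse with defusedxml in production; ET is used here only because the
    input is constructed locally.
    """
    root = ET.fromstring(xml_text)
    problems = []

    # The Response must be delivered to our ACS URL, not some other SP.
    destination = root.get("Destination")
    if destination != acs_url:
        problems.append(f"Destination {destination!r} != ACS URL {acs_url!r}")

    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return problems + ["Response carries no Assertion"]

    # The bearer confirmation must name our ACS URL as Recipient.
    scd = assertion.find(
        "saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS
    )
    recipient = scd.get("Recipient") if scd is not None else None
    if recipient != acs_url:
        problems.append(f"Recipient {recipient!r} != ACS URL {acs_url!r}")

    # Our audience must be listed; an assertion minted for another app is rejected.
    audiences = [
        a.text
        for a in assertion.findall(
            "saml:Conditions/saml:AudienceRestriction/saml:Audience", NS
        )
    ]
    if audience not in audiences:
        problems.append(f"Audience {audiences!r} does not include {audience!r}")

    return problems


def make_response(destination: str, audience: str) -> str:
    """Constructed sample Response (unsigned) for exercising check_response."""
    return f"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_r1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z"
    Destination="{destination}">
  <saml:Issuer>https://idp.example.com/saml</saml:Issuer>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
    <saml:Issuer>https://idp.example.com/saml</saml:Issuer>
    <saml:Subject>
      <saml:NameID>alice@example.com</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData Recipient="{destination}"
            NotOnOrAfter="2024-01-01T00:05:00Z"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions>
      <saml:AudienceRestriction>
        <saml:Audience>{audience}</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""


if __name__ == "__main__":
    acs = build_acs_url("https://dexample.cloudfront.net/")  # constructed domain
    aud = build_audience("dev")                                # constructed namespace
    print("good:", check_response(make_response(acs, aud), acs, aud))
    print("wrong audience:",
          check_response(make_response(acs, "Isb-other-Audience"), acs, aud))
```

Running the block shows an empty problem list for a Response that names both configured values and a single Audience mismatch for an assertion issued to a differently namespaced deployment; both the ACS URL and the audience therefore have to be entered exactly as the Compute stack outputs dictate, or every login will be rejected at this step.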