Validate IdP federation - Amazon WorkLink

Validate IdP federation

After you Configure your identity provider (IdP) to federate your SAML 2.0 identity provider, you can use the Amazon WorkLink app on your iPhone or Android phone to validate that it has been federated.

To validate that your SAML 2.0 identity provider has been federated

  1. Download and open the Amazon WorkLink app on your phone.


    If you can't download the app, make sure that your device is connected to the internet. If you're using a test device, make sure that your device has been registered. The App Store and Play Store don't allow unregistered devices to download applications.

  2. Enter the company code for your Amazon WorkLink fleet.


    Company codes are alphanumeric and listed in the Amazon WorkLink console on the Fleets and User invites pages,

  3. Sign in with your SAML 2.0 credentials.


    If you see an error message that says WorkLink is unable to connect to your company's Identity Provider, then Amazon WorkLink can't log in with your company SAML 2.0 provider. Check your identity provider availability, and confirm that you correctly completed the steps in Configure your identity provider (IdP).

  4. Grant the Amazon WorkLink app VPN permissions.

  5. Confirm that the VPN on your phone is running.


    Most devices display this as a lock icon on the top of the screen, but for some iOS devices (iPhone X+), you might need to confirm that the VPN is connected. To do this, choose Settings, General, and VPN. This ensures that your SAML 2.0 IdP has properly federated with Amazon WorkLink.