Integrating third-party SAML solution providers with Amazon - Amazon Identity and Access Management
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Integrating third-party SAML solution providers with Amazon

The following links help you configure third-party SAML 2.0 identity provider (IdP) solutions to work with Amazon federation.

Note

Amazon Support engineers can assist customers who have business and enterprise support plans with some integration tasks that involve third-party software. For a current list of supported platforms and applications, see What third-party software is supported? in the Amazon Support FAQs.

Solution More information
Auth0 Integrate with Amazon Web services – This page on the Auth0 documentation website has links to resources that describe how to set up single sign-on (SSO) with the Amazon Web Services Management Console and includes a JavaScript example. You can configure Auth0 to pass session tags. For more information, see Auth0 Announces Partnership with Amazon for IAM Session Tags.
Centrify Configure Centrify and Use SAML for SSO to Amazon – This page on the Centrify website explains how to configure Centrify to use SAML for SSO to Amazon.
CyberArk Configure CyberArk to provide Amazon Web Services (Amazon) access to users logging in through SAML single sign-on (SSO) from the CyberArk User Portal.
ForgeRock The ForgeRock Identity Platform integrates with Amazon. You can configure ForgeRock to pass session tags. For more information, see Attribute Based Access Control for Amazon Web Services.
Google Workspace Amazon Web Services cloud application – This article on the Google Workspace Admin Help site describes how to configure Google Workspace as a SAML 2.0 IdP with Amazon as the service provider.
IBM You can configure IBM to pass session tags. For more information, see IBM Cloud Identity IDaaS one of first to support Amazon session tags.
Matrix42 MyWorkspace Getting Started Guide – This guide describes how to integrate Amazon identity services with Matrix42 MyWorkspace.
Microsoft Active Directory Federation Services (AD FS)

Enabling Federation to Amazon Using Windows Active Directory, AD FS, and SAML 2.0 – This post on the Amazon Security Blog shows how to set up AD FS on an EC2 instance and enable SAML federation with Amazon. You can configure AD FS to pass session tags. For more information, see Use attribute-based access control with AD FS to simplify IAM permissions management.

PowerShell Automation to Give Amazon Console Access – This post on Sivaprasad Padisetty's blog describes how to use Windows PowerShell to automate the process of setting up Active Directory and AD FS. It also covers enabling SAML federation with Amazon.

miniOrange SSO for Amazon – This page on the miniOrange website describes how to establish secure access to Amazon for enterprises and full control over access of Amazon applications.
Okta Integrating the Amazon Web Services Command Line Interface Using Okta – From this page on the Okta support site you can learn how to configure Okta for use with Amazon. You can configure Okta to pass session tags. For more information, see Okta and Amazon Partner to Simplify Access Via Session Tags.
Okta How to Configure SAML 2.0 for Amazon Web Services Single Sign On – This article on the Okta website describes how to set up and enable SSO for Amazon.
OneLogin From the OneLogin Knowledgebase, search for SAML Amazon for a list of articles that explain how to set up Amazon Web Services SSO functionality between OneLogin and Amazon for a single-role and multi-role scenarios. You can configure OneLogin to pass session tags. For more information, see OneLogin and Session Tags: Attribute-Based Access Control for Amazon Resources.
Ping Identity

PingFederate Amazon Connector – View details about the PingFederate Amazon Connector, a quick connection template to easily set up a single sign-on (SSO) and provisioning connection. Read documentation and download the latest PingFederate Amazon Connector for integrations with Amazon. You can configure Ping Identity to pass session tags. For more information, see Announcing Ping Identity Support for Attribute-Based Access Control in Amazon.

RadiantLogic Radiant Logic Technology Partners – Radiant Logic's RadiantOne Federated Identity Service integrates with Amazon to provide an identity hub for SAML-based SSO.
RSA RSA Link is on online community that facilitates information sharing and discussion. You can configure RSA to pass session tags. For more information, see Simplify Identity Access and Assurance Decisions on Amazon with RSA SecurID and Session Tags.
Salesforce.com How to configure SSO from Salesforce to Amazon – This how-to article on the Salesforce.com developer site describes how to set up an identity provider (IdP) in Salesforce and configure Amazon as a service provider.
SecureAuth Amazon - SecureAuth SAML SSO – This article on the SecureAuth website describes how to set up SAML integration with Amazon for a SecureAuth appliance.
Shibboleth How to Use Shibboleth for SSO to the Amazon Web Services Management Console – This entry on the Amazon Security Blog provides a step-by-step tutorial on how to set up Shibboleth and configure it as an identity provider for Amazon. You can configure Shibboleth to pass session tags.

For more details, see the IAM Partners page on the Amazon website.