Welcome to the IAM Identity Center API Reference - IAM Identity Center
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Welcome to the IAM Identity Center API Reference

With Amazon IAM Identity Center, you can manage sign-in security for your workforce identities, also known as workforce users. IAM Identity Center provides one place where you can create or connect workforce users and manage their access centrally across all their Amazon Web Services accounts and applications. IAM Identity Center is the recommended approach for workforce authentication and authorization in Amazon, for organizations of any size and type.


IAM Identity Center uses the sso and identitystore API namespaces.

This guide provides information about single sign-on operations that you can use to manage access to Amazon Web Services accounts. For information about IAM Identity Center features, see the IAM Identity Center User Guide.

Many operations in the IAM Identity Center APIs rely on identifiers for users and groups, known as principals. For more information about how to work with principals and principal IDs in IAM Identity Center, see the Identity Store API Reference.


Amazon provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .Net, iOS, Android, and more). The SDKs provide a convenient way to programmatically access IAM Identity Center and other Amazon services. For more information about the Amazon SDKs, including how to download and install them, see Tools for Amazon Web Services.