Amazon

AWS IAM Identity Center Provisioner

The AWS IAM Identity Center Provisioner allows PingFederate to integrate with Amazon’s AWS IAM Identity Center service for provisioning and single sign-on (SSO).

Features

  • Manages users in AWS IAM Identity Center based on changes in a datastore that is attached to PingFederate.

    • Creates, updates, disables, and deletes users.

    • Allows you to enable the create, update, disable, and delete capabilities independently.

    • Allows you to provision disabled users.

    • Allows you to choose whether to disable or delete users when deprovisioning.

  • Manages groups in AWS IAM Identity Center based on changes in an external data store that is attached to PingFederate.

    • Creates and deletes groups.

    • Updates group memberships.

  • Enables browser-based SSO initiated by the service provider (SP) or identity provider (IdP).

  • Pre-populates some connection settings with the included quick connection template.

System requirements

  • PingFederate 9.0 or later.

  • An AWS IAM Identity Center administrator account.

  • To allow PingFederate to make outbound connections to the AWS IAM Identity Center API, you might need to allow the following domain in your firewall:

    • https://aws.amazon.com