The AWS IAM Identity Center Provisioner allows PingFederate to integrate with Amazon's AWS IAM Identity Center service for provisioning and single sign-on (SSO).
- Manages users in AWS IAM Identity Center based on changes in a
datastore that is attached to PingFederate.
- Creates, updates, disables, and deletes users.
- Allows you to enable the create, update, disable, and delete capabilities independently.
- Allows you to provision disabled users.
- Allows you to choose whether to disable or delete users when deprovisioning.
- Manages groups in AWS IAM Identity Center based on changes in an
external data store that is attached to PingFederate.
- Creates and deletes groups.
- Updates group memberships.
- Enables browser-based SSO initiated by the service provider (SP) or identity provider (IdP).
- Pre-populates some connection settings with the included quick connection template.
This document is intended for PingFederate administrators.
If you need help during the setup process, see the following resources:
- AWS IAM Identity Center documentation:
- PingFederate 9.0 or later.
- An AWS IAM Identity Center administrator account.
- To allow PingFederate to make outbound connections to the AWS IAM Identity Center API, you might need to allow the following domain in