Page created: 25 Jul 2022
|
Page updated: 25 Jul 2022
The AWS IAM Identity Center Provisioner allows PingFederate to integrate with Amazon's AWS IAM Identity Center service for provisioning and single sign-on (SSO).
Features
- Manages users in AWS IAM Identity Center based on changes in a
datastore that is attached to PingFederate.
- Creates, updates, disables, and deletes users.
- Allows you to enable the create, update, disable, and delete capabilities independently.
- Allows you to provision disabled users.
- Allows you to choose whether to disable or delete users when deprovisioning.
- Manages groups in AWS IAM Identity Center based on changes in an
external data store that is attached to PingFederate.
- Creates and deletes groups.
- Updates group memberships.
- Enables browser-based SSO initiated by the service provider (SP) or identity provider (IdP).
- Pre-populates some connection settings with the included quick connection template.
Intended audience
This document is intended for PingFederate administrators.
If you need help during the setup process, see the following resources:
- AWS IAM Identity Center documentation:
System requirements
- PingFederate 9.0 or later.
- An AWS IAM Identity Center administrator account.
- To allow PingFederate to make outbound connections to the AWS IAM Identity Center API, you might need to allow the following domain in
your firewall:
- https://aws.amazon.com