Reputation: 11
Create SSO for AWS from Azure AD
Trying to create SSO for AWS keeping Azure users as source of Truth. Followed below Tut's.
- https://learn.microsoft.com/en-us/azure/active-directory/active-directory-saas-amazon-web-service-tutorial
- http://blog.flux7.com/aws-best-practice-azure-ad-saml-authentication-configuration-for-aws-console
Anything is to be more precise with user attributes in Azure ? Has anything to enable in AWS to accept the SSO ?
Login is successful(Can see signin's in Azure AD) but it displays message "Your request included an invalid SAML response. To logout, click here
". Any idea what has gone wrong ?
Upvotes: 1
Views: 1914
Answers (2)
Reputation: 8434
May be I am late to this post. As Jeevan mentioned. You are missing custom attributes that you need to add. I have been struggling with same and found this well explained video. I hope, this will help any one who is struggling with this issues.
Upvotes: 0
Reputation: 71
Yes, I think you are on the right path. It seems that you are missing the custom attributes which we are suggesting to add for your application. Those are Role and RoleSessionName. Please see the step #5 in my article https://learn.microsoft.com/en-us/azure/active-directory/active-directory-saas-amazon-web-service-tutorial and make sure that you use the same casing and namespace for the claims. With that the integration should work correctly.
Upvotes: 1
Related Questions
- SSO Setup for a Saas Application
- How to use Azure AD as SAML IdP?
- How to add an application to Azure AD with SSO option SAML
- Azure AD SSO with SAML Signing Certificate
- Using Azure AD as a identity provider for AWS
- How to set up AWS SSO as an Auth0 Enterprise SAML Connection
- Azure AD API For Command Line Based SAML2 SSO (for AWS federated login)
- How to authenthicate from my application to a SSO of my client
- How to implement SSO using SAML in the existing ASP.net application
- Is it possible to do sso for http://aws.amazon.com using saml?