Registering PingFederate as an identity provider in AWS Single Sign-On
To allow PingFederate to communicate with AWS IAM Identity Center, exchange the two metadata files between the two systems and note the provisioning details from AWS.
Steps
- Sign on to the AWS SSO Console as the root user for the AWS account.
- Go to Settings. In the Identity source section, on the Identity source row, click Change.
- On the Choose where your identities are sourced page, click External identity provider.
- In the Service provider metadata section, click Download metadata file. Save the sp-saml-metadata.xml file.
- In the Identity provider metadata section, upload the PingFederate metadata file that you exported in Exporting SAML metadata from PingFederate.
- Click Next: Review.
- In the Review and confirm section, enter ACCEPT. Click Save identity source.
- Note your provisioning SCIM URL and access token ID.
  - On the Settings window, in the Identity source section, on the Provisioning row, click View details.
  - On the Automatic Provisioning window, note the SCIM endpoint and Access token ID. You will use these in Creating a connection.
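A quick sanity check of the sp-saml-metadata.xml file saved in the steps above, before it is used on the PingFederate side. This is an added example, not Ping Identity or AWS code; it assumes the file follows the standard SAML 2.0 metadata schema, and the function name and the embedded sample (with example.com URLs) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample; a real sp-saml-metadata.xml carries AWS-issued values.
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.com/saml/metadata/CONSTRUCTED">
  <md:SPSSODescriptor WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.com/saml/acs/CONSTRUCTED"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def summarize_sp_metadata(xml_text):
    """Return the entityID and HTTP-POST ACS URLs; raise ValueError otherwise."""
    # SAML metadata needs no DTD; refusing one avoids entity-expansion tricks.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not allowed")
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError(f"unexpected root element {root.tag}")
    entity_id = root.get("entityID")
    sp = root.find(f"{{{MD}}}SPSSODescriptor")
    if not entity_id or sp is None:
        raise ValueError("not service provider metadata")
    # Collect the endpoints that will receive SAML responses over HTTP-POST.
    acs = [e.get("Location", "")
           for e in sp.findall(f"{{{MD}}}AssertionConsumerService")
           if e.get("Binding") == POST]
    if not acs:
        raise ValueError("no HTTP-POST AssertionConsumerService")
    insecure = [u for u in acs if not u.startswith("https://")]
    if insecure:
        raise ValueError(f"ACS endpoint is not HTTPS: {insecure}")
    return {"entity_id": entity_id, "acs_urls": acs}


if __name__ == "__main__":
    # Replace SAMPLE with open("sp-saml-metadata.xml").read() for the real file.
    print(summarize_sp_metadata(SAMPLE))
```

Compare the printed entityID and ACS URL with the values PingFederate shows for the connection after import.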