@@ -108,6 +108,18 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
108
108
109
109
`https://signin.aws.amazon.com/saml#2`
110
110
111
+
1. AWS application expects the SAML assertions in a specific format, which requires you to add custom attribute mappings to your SAML token attributes configuration. The following screenshot shows the list of default attributes.
112
+
113
+

114
+
115
+
1. In addition to above, AWS application expects few more attributes to be passed back in SAML response which are shown below. These attributes are also pre populated but you can review them as per your requirements.
| Role | user.assignedroles | https://aws.amazon.com/SAML/Attributes |
121
+
| SessionDuration | "provide a value between 900 seconds (15 minutes) to 43200 seconds (12 hours)" | https://aws.amazon.com/SAML/Attributes |
122
+
111
123
1. On the **Set up single sign-on with SAML** page, in the **SAML Signing Certificate** section, find **Federation Metadata XML** and select **Download** to download the certificate and save it on your computer.
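Review bot: In the SessionDuration row, the source-attribute cell holds a quoted instruction ("provide a value between 900 seconds (15 minutes) to 43200 seconds (12 hours)") where the Role row above it holds an actual value (user.assignedroles), so a reader copying the table could paste the sentence itself into the claim. Suggest putting a concrete example value in the cell and moving the allowed range into a sentence below the table, worded "between 900 seconds (15 minutes) and 43200 seconds (12 hours)". Because this attribute sets how long the federated AWS session stays valid, the step should also tell the reader how to choose the value instead of stopping at "review them as per your requirements". Wording in the same added step: "expects few more attributes" should read "expects a few more attributes", "In addition to above" should read "In addition to the above", and "pre populated" should be "pre-populated".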