Learn more about AWS Identity, Directory, and Access Services

Security Assertion Markup Language 2.0 (SAML) is an open standard for exchanging identity and security information with applications and service providers. Applications and service providers that support SAML enable you to sign in using your corporate directory credentials, such as your user name and password from Microsoft Active Directory. With SAML, you can use single sign-on (SSO) to sign in to all of your SAML-enabled applications by using a single set of credentials.

By enabling SAML authentication, you also can manage access to your applications centrally. SAML-enabled applications delegate authentication requests to your corporate directory. When users are removed from your directory, they are no longer able to sign in.

You can enable SAML authentication for your AWS accounts by using AWS Identity and Access Management (IAM). You can add SAML support to your web and mobile apps running on the AWS Cloud by using Amazon Cognito.

SAML_Image

Enabling SAML-based single sign-on (SSO) for your AWS accounts enables your users to sign in to the AWS Management Console, AWS API, and AWS Command Line Interface (CLI) using their corporate credentials.

You can enable SAML authentication for your AWS accounts using AWS Identity and Access Management (IAM) and your identity provider (IdP). Further, you can centrally manage SSO access for multiple AWS accounts and business applications using AWS Single Sign-On (SSO)

To learn more about enabling SAML for your AWS accounts with AWS IAM and an IdP, see the following additional resources:

Federation Webinar Thumbnail
Advanced Techniques for Federation of the AWS Management Console and Command Line Interface (CLI)

Adding SAML support to your web and mobile apps that run on the AWS Cloud enables users to sign in to your apps by using their corporate credentials.

You can add SAML support to your applications using Amazon Cognito. With Amazon Cognito, you can add user sign-up and sign-in to your web and mobile apps in minutes. You can also authenticate users through social identity providers, such as Facebook and Amazon, or by using your own identity system.

To learn more about adding SAML support to your web and mobile apps using Amazon Cognito, see the following additional resources:

Amazon Cognito Webinar Thumbnail
Deep Dive on Amazon Cognito - March 2017 AWS Online Tech Talks