January 6, 2015 at 7:53 pm #2256 yona75 Participant
I am trying to configure OpenAM as an IdP provider for AWS IAM.
Has anybody accomplished this? And is there any documentation on the process?
I see that many federation product vendors have the walk through on AWS: http://docs.aws.amazon.com/IAM/latest/UserGuide/IdP-solution-providers.html
It would be great if ForgeRock had an official guide on that.
Thank you!
Anton

January 14, 2015 at 2:59 am #2399 Peter Major Moderator
The last time I tried, I had loads of issues with the AWS-provided metadata:
Setting up AWS as a SAML SP shouldn’t be too difficult in general though:
Just configure your OpenAM as a hosted IdP and then try to import the AWS metadata as a Remote SP. Once you are done with that it should be fairly simple to initiate SAML login:
Peter

March 20, 2015 at 6:42 pm #3576 ahnjoan Participant
Peter – I’ve attempted to use the URL you posted for my configuration and I get an error. “HTTP Status 400 – Identity Provider ID is null.” I’m using the following URL. Do you have a suggestion on what I might be doing incorrectly?
Ahnjoan

March 23, 2015 at 10:51 am #3588 Peter Major Moderator
The metaAlias should always point at the hosted entity.

November 24, 2016 at 6:23 pm #14466 RajenAN Participant
We have included the following attributes in the attribute mapper in the SP as per the document
We are seeing the following error while logging in to the AWS console using ForgeRock:
RoleSessionName is required in AuthnResponse (Service: AWSSecurityTokenService; Status Code: 400; Error Code: InvalidIdentityToken
I see the RoleSessionName attribute is not getting added to the SAMLResponse even though I have added it in the attribute mapper in the SP. What may be the cause of this issue?
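
A way to check a captured SAMLResponse for the condition behind the error in the last post, as an added example that is not part of the thread or of any ForgeRock or AWS code: it decodes the base64 form value and reports whether the two attributes AWS expects (`https://aws.amazon.com/SAML/Attributes/Role` and `https://aws.amazon.com/SAML/Attributes/RoleSessionName`) are present and non-empty. It assumes an unencrypted assertion taken from your own test login; the sample response, account ID and role names are constructed.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
AWS_ROLE = "https://aws.amazon.com/SAML/Attributes/Role"
AWS_SESSION = "https://aws.amazon.com/SAML/Attributes/RoleSessionName"

def aws_attributes(saml_response_b64):
    """Return {attribute Name: [values]} for every Attribute in the assertion."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    found = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", NS)]
        found.setdefault(attr.get("Name"), []).extend(values)
    return found

def check_aws_requirements(saml_response_b64):
    """List the problems that would make AWS reject this response."""
    attrs = aws_attributes(saml_response_b64)
    problems = []
    for name in (AWS_ROLE, AWS_SESSION):
        if not any(attrs.get(name, [])):
            problems.append(f"missing or empty attribute: {name}")
    for value in attrs.get(AWS_ROLE, []):
        if not value:
            continue
        # Each Role value pairs a role ARN with a SAML provider ARN.
        parts = [p.strip() for p in value.split(",")]
        if len(parts) != 2 or not all(
                p.startswith("arn:") and ":iam::" in p for p in parts):
            problems.append(f"Role value is not 'role-arn,provider-arn': {value}")
    return problems

# Constructed sample (not from the thread): Role is mapped, RoleSessionName is not.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>
<saml:AttributeStatement>
<saml:Attribute Name="https://aws.amazon.com/SAML/Attributes/Role">
<saml:AttributeValue>arn:aws:iam::111122223333:role/ExampleRole,arn:aws:iam::111122223333:saml-provider/ExampleIdP</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement></saml:Assertion></samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()

if __name__ == "__main__":
    for problem in check_aws_requirements(SAMPLE_B64):
        print(problem)
```

If the attribute is reported missing here, the assertion left the IdP without it, so the mapping has to be corrected on the side that builds the assertion before AWS is involved at all.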