Amazon AWS Integration

Customer IT / SpaceIQ Onboarding Team

 

SiQ supports integration with the Amazon AWS identity management system. This details how to configure the Amazon AWS integration for SiQ. 

Note: It is not possible to import (or pull) new users or profile updates from within SiQ. The information must be pushed from Amazon AWS. 

Contents

Prerequisites

  • You will need Amazon AWS with administration privileges to complete this integration and for the SiQ setup, you must have a SiQ Admin or an IT role.

Set up SSO using SAML for SiQ

This section describes how to set up SSO using SAML (Security Assertion Markup Language) (SAML), so your users can use their Amazon AWS credentials to sign in to SiQ app.

Step 1. Find the Amazon AWS Identity Provider (IdP) information

Note: For more information on Amazon AWS, see their documentation.

From the Amazon AWS Admin Console, complete the following:

  1. Sign in to Amazon AWS SSO admin portal as an Administrator.
  2. Add the SiQ application.
  3. Edit the SiQ application to copy the following:
    1. Copy Issuer URL and paste into Step 2's AWS SSO sign-in URL field.
    2. Copy the X.509 certificate and paste it into Step 2's X.509 Certificate field.

Leave the Admin console open.

Step 2. Active the Amazon AWS Integration in SiQ

From the SiQ Web App, complete the following:

  1. Click your Profile Name in the top right corner.
  2. Click Settings. The Settings screen displays.
  3. From the left menu, click Integrations.
  4. From the Third Party Integrations area, click the READ MORE link. The Integrations screen displays.

You can either search for Amazon AWS in the Search field or navigate to the Amazon AWS tile. To navigate complete the following:

  1. From the left menu, click Provisioning & SSO.
  2. For Amazon AWS, click the Activate button.

The Amazon AWS dialog displays and contains the Provisioning tab and the SSO tab.

3. Click the SSO tab.

amazon_aws1.png

4. In the AWS SSO sign-in URL URL field, paste the Issuer URL from Step 1.

5. In the X.509 Certificate field, paste the certificate you downloaded in Step 1.

Step 3. Complete the SSO Configuration in Amazon AWS

Complete the SiQ's Amazon AWS Integration fields.

amazon_aws2.png

From the Amazon AWS Admin Console, complete the following:

  1. Edit the SiQ application to copy the following:
    1. Copy Application ACS URL and paste into Application ACS URL field in the Amazon AWS Admin Console.
    2. Copy Application SAML Audience URL and paste into Application SAML Audience field in the Amazon AWS Admin Console.
    3. Copy the Application home URL from the Amazon AWS Admin Console and paste into the Amazon AWS Portal URL field.
    4. Optional - In the Amazon AWS Portal URL field enter the Application home URL to be redirected back to Amazon AWS SSO market space after logout.
    5. Optional - In the SSO Redirect URL (SiQ Portal) field, enter the SSO redirect to automatically authenticate users from SiQ Portal using SSO.
    6. Click the Activate button.