AWS
Use these instructions to set up AWS as your SSO provider for Tonic Structural.
AWS configuration
You complete the following configuration steps within AWS SSO.
Create the SAML application
In the Applications section, click Add a new application.
Next, on the Add New Application page, click Add a custom SAML 2.0 application.
From IAM Identity Center metadata, download your AWS SSO SAML metadata file URL. You will set this as the value of a Structural environment setting.
Under Application properties, set Application start URL to your Structural URL.
Under Application metadata:
- Click Manually type your metadata values.
- Set Application ACS URL to your Tonic URL followed by /api/sso/samllogin.
- Set Application SAML audience to Tonic.
To create the application, click Submit.
Configure attribute mappings for Structural
Next, you need to configure the attribute mappings that Structural requires.
For your new Structural application, click Actions, then select Edit attribute mappings.
On the Attribute mappings tab, set up the following mappings:
- Map Subject to ${user:subject}
- Map GivenName to ${user:givenName}
- Map Email to ${user:email}
- Map FamilyName to ${user:familyName}
- Map Groups to ${user:groups}
Structural configuration
TONIC_SSO_PROVIDER
- Set to AWS
TONIC_SSO_IDENTITY_PROVIDER_ID
- Set to the value of Identity store ID from the Settings page in AWS SSO.
TONIC_SSO_SAML_IDP_METADATA_XML_URL
- Set to the IAM Identity Center SAML metadata file URL that you saved earlier.
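A pre-flight check for the values above, as an added example that is not part of the Structural or AWS documentation. The function names, the example.test hosts, the sample metadata, and the HTTPS requirement are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample, not real IAM Identity Center metadata.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/EXAMPLE">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>CONSTRUCTED-PLACEHOLDER</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://idp.example.test/saml/assertion/EXAMPLE"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def acs_url(structural_url):
    """ACS URL to enter in AWS: the Structural URL followed by /api/sso/samllogin."""
    return structural_url.rstrip("/") + "/api/sso/samllogin"

def check_settings(env):
    """Return problems found in the three Structural SSO settings."""
    problems = []
    if env.get("TONIC_SSO_PROVIDER") != "AWS":
        problems.append("TONIC_SSO_PROVIDER must be AWS")
    if not env.get("TONIC_SSO_IDENTITY_PROVIDER_ID", "").strip():
        problems.append("TONIC_SSO_IDENTITY_PROVIDER_ID is empty")
    url = urlparse(env.get("TONIC_SSO_SAML_IDP_METADATA_XML_URL", ""))
    if url.scheme != "https" or not url.netloc:
        problems.append("metadata URL must be an absolute https URL")
    return problems

def check_metadata(xml_text):
    """Return problems found in an IdP metadata document."""
    # Stdlib parser: only feed it metadata fetched from your own IdP.
    idp = ET.fromstring(xml_text).find("md:IDPSSODescriptor", NS)
    if idp is None:
        return ["no IDPSSODescriptor: this is not IdP metadata"]
    problems = []
    certs = idp.findall("md:KeyDescriptor/ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
    if not any((c.text or "").strip() for c in certs):
        problems.append("no certificate: assertion signatures cannot be verified")
    for sso in idp.findall("md:SingleSignOnService", NS):
        if urlparse(sso.get("Location", "")).scheme != "https":
            problems.append("SSO endpoint is not https: " + sso.get("Location", ""))
    return problems
```

Run check_settings against the environment you deploy Structural with, and check_metadata against the document returned by the metadata URL, before you enable SSO.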