Amazon AWS Integration
Customer IT / SpaceIQ Onboarding Team
SpaceIQ supports integration with the Amazon AWS identity management system. This details how to configure the Amazon AWS integration for SpaceIQ.
It is not possible to import (or pull) new users or profile updates from within SpaceIQ. The information must be pushed from Amazon AWS.
Contents
Prerequisites
- You will need Amazon AWS with administration privileges to complete this integration, and for the SpaceIQ setup, you must have a SpaceIQ Admin or an IT role.
Set up SSO using SAML for SpaceIQ
This section describes how to set up SSO using SAML (Security Assertion Markup Language) (SAML), so your users can use their Amazon AWS credentials to sign in to the SpaceIQ Web App.
Step 1. Find the Amazon AWS Identity Provider (IdP) information
For more information on Amazon AWS, see their documentation.
From the Amazon AWS Admin Console, complete the following:
- Sign in to Amazon AWS SSO admin portal as an Administrator.
- Add the SpaceIQ application.
- Edit the SpaceIQ application to copy the following:
- Copy Issuer URL and paste it to the Step 2's AWS SSO sign-in URL field.
- Copy the X.509 certificate and paste it into Step 2's X.509 Certificate field.
Leave the Admin console open.
Step 2. Activate the Amazon AWS Integration in SpaceIQ
From the SpaceIQ application, complete the following steps:
- In the top-right corner, click on your Profile Name, and then click on Settings.
- From the left menu, click Integrations.
- From the Third Party Integrations area, click the READ MORE link. The Integrations screen displays.
You can search for Amazon AWS in the Search field or navigate to the Amazon AWS tile. To navigate, complete the following:
- From the left menu, click Provisioning & SSO.
- For Amazon AWS, click the Activate button.
The Amazon AWS dialog displays and contains the Provisioning and SSO tab.
- Click the SSO tab.
- In the AWS SSO sign-in URL URL field, paste the Issuer URL from Step 1.
- In the X.509 Certificate field, paste the certificate you downloaded in Step 1.
Step 3. Complete the SSO Configuration in Amazon AWS
Complete the SpaceIQ's Amazon AWS Integration fields.
From the Amazon AWS Admin Console, complete the following:
- Edit the SpaceIQ application to copy the following:
- Copy Application ACS URL and paste it into Application ACS URL field in the Amazon AWS Admin Console.
- Copy Application SAML Audience URL and paste it into Application SAML Audience field in the Amazon AWS Admin Console.
- Copy the Application home URL from the Amazon AWS Admin Console and paste it into the Amazon AWS Portal URL field.
- Optional - In the Amazon AWS Portal URL field, enter the Application home URL to be redirected back to Amazon AWS SSO market space after logout.
- Optional - In the SSO Redirect URL (SiQ Portal) field, enter the SSO redirect to authenticate users from the SpaceIQ Portal using SSO automatically.
- Click the Activate button.