AWS SSO

Enable AWS SSO

1. Navigate to Access Control > SSO from the left side menu.

2. Click on Add Identity Provider

3. Provide a name for your Identity Provider

4. Select AWS

5. Click Next

6. Follow these steps to in AWS.

   1. In AWS, when asked for an Application ACS URL, copy & paste the Application ACS URL shown on the e6data SSO page.

   2. In AWS, when prompted for an Application SAML audience, copy & paste the Application SAML audience shown on the e6data SSO page.

   3. Match the user attributes in AWS to those shown on the e6data SSO page.

7. Click Next

8. Under IdP Configuration, click Choose File & upload the IAM Identity Center SAML metadata file previously downloaded from AWS IAM Console in step 6.

9. Click Save

10. Users can now log in to e6data using AWS SSO.

Login via AWS SSO

Users can log in by:

• Clicking the Single Sign-On (SSO) button in the e6data platform.

SuperAdmin will be able to log in using both SSO and username/password authentication.

Add Users to e6data via AWS SSO

By default, new users are assigned the Viewer role (least privilege). The SuperAdmin or AccessAdmin should change the user's role after the first login.

Remove Users from e6data via AWS SSO

Disable SSO

1. Navigate to Access Control > SSO from the left side menu.

2. Toggle Integrate SSO to the disabled position.

Important: When SSO is disabled, each user added using SSO will need to reset their password.