1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
That is the intended behavior. The SAML attribute for NameID must but the sAMAccountName, which is used for the username field in the WorkSpace Client. There is no SAML attribute for password, hence why it is not filled in like the username field is.
I think SSO should only validate credentials in a single provider. However, it is very confusing to have users authenticate both external credentials and AWS credentials to log in to WorkSpaces client. Is there a way to skip the second password verification?