AWS Single Sign-on with Azure AD: How to force to ask password every single login
I have implemented Single Sign-On (SSO) with Azure AD using SAML 2.0. When a user logs in with the SSO URL, they are redirected to the O365 login page, where they go through the Multi-Factor Authentication (MFA) process, and the user is successfully logged in. However, when a user signs out from the portal and then, after some time, attempts to log in again, they are not prompted for login credentials and are automatically signed in. I'm aware that the session can be controlled by applying a conditional access policy, but is there any way to require credentials for every single login
- 최신
- 최다 투표
- 가장 많은 댓글
All authentication is controlled by your IDP not AWS when you have setup SSO.
Your Idp will only tell AWS that you’re authenticated and your user information passed during the SAML.
I’m not 100% sure but I don’t think you can force this on the Azure SAML side however please research this yourself to confirm if it is or isn’t possible.
관련 콘텐츠
- 질문됨 8달 전
AWS 공식업데이트됨 일 년 전- AWS 공식업데이트됨 일 년 전
