By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Setting up SSO Application and getting Entity ID too long

0

Working with a vendor to set up SSO and their technical team indicated the following:

The entity ID is too long for our system to handle. Does AWS allow for virtual identity IDs to be created? Some identity providers allow for one ID to be presented to SPs that maps to the original ID withing the IDP. Is there a way to support this?

Topics
Security, Identity, & ComplianceAWS Well-Architected Framework
Tags
Security, Identity, & ComplianceAWS Identity and Access ManagementSecurity
Language
English
profile picture
Carlos del Castillo
asked a year ago185 views
1 Answer
3
Accepted Answer

AWS Single Sign-On (SSO) does not natively support using a virtual or alternate Entity ID that maps to the original Entity ID within the Identity Provider (IdP).

as an alternative

  • If AWS SSO's Entity ID length is causing an issue, you can consider using an external IdP (like Okta, Microsoft Azure AD, or ADFS) that supports shorter Entity IDs or virtual/alternate Entity IDs. You can then integrate the external IdP with the vendor's service and have more control over the Entity ID value.
profile picture
EXPERT
Sedat Salman
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content