1 Answer
That's a really big question which has multiple answers depending on actual use cases; which identity provider you're going to use; your multi-account structure; and so on. Not something that I'd like to give specific advice on here because of those variables.
For machine-to-machine authentication this is an excellent resource.
For large-scale user authentication you definitely want to look at best practices for IAM, Single Sign-on as well as Organizations and possibly Control Tower.
I'd strongly encourage you to reach out to your local AWS account team and get advice specific to you from them.
Thank you for your response. The use case is pretty straightforward. I have existing customers (end users) with existing (secured) resources. As I am using OAuth2, we are talking about end users. I need to be able to federate their identity so as to be able to access the existing resources. All the documentation I have seen so far assumes a brand new application with new resources managed by the application. That is not us.