- Newest
- Most votes
- Most comments
By default (without any additional configuration), the AppStream 2.0 (AS2) native client only supports streaming URLs or the User Pool login page. This is to prevent end users from using the AS2 client as a mini-browser. Admins have 3 options for enabling other URLs/domains for their end users (for example, AWS SSO or other SAML IdPs):
- (HKLM registry key) StartURL - Single URL that is the default value when the user launches the native client. The value would be that of your SSO portal.
- (HKLM registry key) TrustedDomains - A comma-separated list of domains that are acceptable for your user to enter into the native client text box. The value would be that of your SSO portal. Your user would then be able to manually enter this value when they launch the native client.
- (DNS TXT record) Trusted domain - A DNS TXT record that enables that domain/subdomain without any user-side configuration changes.
You can learn more about all 3 of these here: https://docs.aws.amazon.com/appstream2/latest/developerguide/install-client-configure-settings.html#access-appstream-with-client.
If I copy the application URL which I get after login to the SSO (sample : https://appstream2.ap-southeast-1.aws.amazon.com/#/reserve?reference=fleet%2FOsakaFleet-AlwaysOn)
This is not a valid direct access URL. AS2 only supports IdP-initiated federation, so the URL that needs to be entered is that of AWS SSO - either the catalog URL.
Relevant content
- asked a year ago
- asked 3 years ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 5 months ago