By using AWS re:Post, you agree to the Terms of Use
/AWS SSO - Manage Users/

AWS SSO - Manage Users


I'm seeing a problem today that I haven't previously encountered.

When I navigate to the AWS SSO Users page there is a information message displayed at the top of the screen.

Your identity source is currently configured as 'External identity provider'. To add new users or edit their attributes, you must do this using your external identity provider.

Along with this message the 'Add user' button has been removed from the UI.

The problem is that my External identity provider is G Suite, and as stated in the AWS Docs for setting up SSO with G Suite.

AWS SSO supports automatic user provisioning via the System for Cross-Identity Management (SCIM). However, this is not yet officially supported for G Suite custom SAML applications. In the meantime, you can manually create users.

I have a new user that I need to create an SSO account for but I'm now completely unable to do this. This has never been a problem before and I successfully added a user in this way on the 23rd May, just 3 days ago.


2 Answers
Accepted Answer

What is the Provisioning method, "SCIM" or "AWS SSO"?(You can see it at "AWS SSO" Management Console -> "Settings" -> "Identity source" Tab.)

If "SCIM", you cannot edit the users and groups on AWS SSO. Can you disable it with the steps described at below link?

answered a month ago

Thank you. Yes that was the problem. The provisioning method had been set to SCIM. Disabling automatic provisioning has given me back the Add User Button.

answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions