The following is required:
An active AWS subscription
An Enterprise Stormboard single sign-on enabled subscription
Why integrate SSO?
In this tutorial, you learn how to integrate Stormboard with AWS. Integrating Stormboard with AWS provides you with the following benefits:
You can control in AWS who has access to Stormboard.
You can enable your users to be automatically signed-in to Stormboard (Single Sign-On) with their AWS accounts.
You can manage your accounts in one central location within AWS
NOTE: This setup might fail without parameter values that are customized for your organization. Please use the AWS Administrator Dashboard to add an application and view the values that are specific for your organization.
Steps to establish the SSO integration
1. Log into Stormboard as a Team Administrator in one browser tab
2. From the menu icon on the top left, select My Account.
a. Select your team under My Teams
b. Scroll down to the Authentication section and select AWS.
Steps to configure AWS SSO on Stormboard side
Enter the values from AWS in Stormboard. May be any of the following:
a. Issuer URL
b. SAML 2.0 Endpoint
d. AWS Identifier
e. Identity Provider Issuer
f. Public Certificate
Set the "Enabled" field to "Yes" to enable SSO (see image below)
The "Required" field allows you to set if a user is required to be authenticated with SSO in order to enter a Storm (what we call your digital workspace). If you select "Yes", this will stop any external users not in your directory from entering a Storm — an added security feature (see image below).
Click Save (see image below).
Steps to configure AWS SSO on AWS side
Enter the values from Stormboard in AWS on the admin side.
May be any of the following:
b. Reply URL (ACS)
c. Sign On URL (ACS)
e. Team ID
Test your connection on Stormboard
Go to https://[your-subdomain].stormboard.com/
3. Stormboard uses just-in-time provisioning if the user does not have an account one will be created
The following SAML attributes are supported: