The following is required:

  • An active AWS subscription

  • An Enterprise Stormboard single sign-on enabled subscription

Why integrate SSO?

In this tutorial, you learn how to integrate Stormboard with AWS. Integrating Stormboard with AWS provides you with the following benefits:

  • You can control in AWS who has access to Stormboard.

  • You can enable your users to be automatically signed-in to Stormboard (Single Sign-On) with their AWS accounts.

  • You can manage your accounts in one central location within AWS

NOTE: This setup might fail without parameter values that are customized for your organization. Please use the AWS Administrator Dashboard to add an application and view the values that are specific for your organization.

Steps to establish the SSO integration

1. Log into Stormboard as a Team Administrator in one browser tab

2. From the menu icon on the top left, select My Account.

a. Select your team under My Teams

b. Scroll down to the Authentication section and select AWS.

Steps to configure AWS SSO on Stormboard side

  1. Enter the values from AWS in Stormboard. May be any of the following:
    a. Issuer URL
    b. SAML 2.0 Endpoint
    c. Identifier
    d. AWS Identifier
    e. Identity Provider Issuer
    f. Public Certificate

  2. Set the "Enabled" field to "Yes" to enable SSO (see image below)

  3. The "Required" field allows you to set if a user is required to be authenticated with SSO in order to enter a Storm (what we call your digital workspace). If you select "Yes", this will stop any external users not in your directory from entering a Storm — an added security feature (see image below).

  4. Click Save (see image below).

Steps to configure AWS SSO on AWS side

Enter the values from Stormboard in AWS on the admin side.
May be any of the following:
a. Identifier
b. Reply URL (ACS)
c. Sign On URL (ACS)
d. Subdomain
e. Team ID

Test your connection on Stormboard

  1. Go to https://[your-subdomain].stormboard.com/

  2. Click Continue

3. Stormboard uses just-in-time provisioning if the user does not have an account one will be created

Notes

The following SAML attributes are supported:

Name

Value

FirstName

user.firstName

LastName

user.lastName

Email

user.userName

Related Articles:

-How to get started with single sign on
-How do I connect my Single Sign on to Stormboard?
-What Single Sign On Providers does Stormboard support?

Did this answer your question?