Chapter 12: AWS-Hosted Application Single Sign-On Using an Existing Identity Provider

In the previous chapter, we looked at several solution architectures for non-administrative identity use cases. We defined our non-administrative use case as wanting to expose our organization's identity information to applications hosted on Amazon Web Services (AWS), regardless of whether the account owner had access to the AWS backplane. Most organizations make a distinction between their administrative accounts and their standard user accounts, and often have distinct architectures for each of these use cases. Typically, standard application identity needs are satisfied through the use of standard user accounts. This chapter will focus on addressing the ...