Amazon IAM Identity Center

AWS IAM Identity Center (successor to AWS Single Sign-On) is where you create, or connect, your workforce identities in AWS once and manage access centrally across your AWS organization. You can create user identities directly in IAM Identity Center, or bring them from Microsoft Active Directory, and then use IAM Identity Center to manage user access to AWS accounts and business applications with single sign-on.

2 APIs · 6 Features
Access Control, Authentication, Identity Management, Single Sign-On

APIs

AWS IAM Identity Center SSO Admin API

Manages permission sets, account assignments, instances, and SSO configurations for centralized identity and access management across AWS accounts and organizations.

AWS IAM Identity Center Identity Store API

Manages users, groups, and group memberships in the IAM Identity Center identity store, enabling programmatic provisioning of workforce identities.

Features

Workforce Identity Management

Create and manage workforce user identities directly or connect from an external identity provider.

Single Sign-On

Enable employees to sign in once and access all assigned AWS accounts and business applications.

Centralized Access Management

Manage access to multiple AWS accounts from a single place using permission sets.

External Identity Provider Integration

Connect Microsoft Active Directory, Okta, Azure AD, and other SAML 2.0 identity providers.

Permission Set Management

Define and reuse permission policies that can be assigned to users across multiple AWS accounts.

Automated Provisioning

Automatically provision and de-provision users and groups using SCIM 2.0.

Use Cases

Workforce SSO

Enable employees to access all AWS accounts and business apps with a single set of credentials.

Centralized AWS Account Access

Manage access to dozens or hundreds of AWS accounts from a single control plane.

Just-in-Time Access

Grant temporary elevated access to AWS accounts without permanent permissions.

Compliance and Audit

Centralize access logging and produce audit reports for security compliance reviews.

Semantic Vocabularies

Amazon IAM Identity Center Context

130 classes · 96 properties

JSON-LD

API Governance Rules

Amazon IAM Identity Center API Rules

18 rules · 9 errors 8 warnings 1 info

SPECTRAL

JSON Structure

Identitystore Address Structure

8 properties

JSON STRUCTURE

Identitystore Addresses Structure

0 properties

JSON STRUCTURE

Identitystore Alternate Identifier Structure

2 properties

JSON STRUCTURE

Identitystore Attribute Operation Structure

2 properties

JSON STRUCTURE

Identitystore Attribute Operations Structure

0 properties

JSON STRUCTURE

Identitystore Attribute Value Structure

0 properties

JSON STRUCTURE

Identitystore Create Group Request Structure

3 properties

JSON STRUCTURE

Identitystore Create Group Response Structure

2 properties

JSON STRUCTURE

Identitystore Create User Request Structure

14 properties

JSON STRUCTURE

Identitystore Create User Response Structure

2 properties

JSON STRUCTURE

Identitystore Delete Group Request Structure

2 properties

JSON STRUCTURE

Identitystore Delete Group Response Structure

0 properties

JSON STRUCTURE

Identitystore Delete User Request Structure

2 properties

JSON STRUCTURE

Identitystore Delete User Response Structure

0 properties

JSON STRUCTURE

Identitystore Describe User Request Structure

2 properties

JSON STRUCTURE

Identitystore Describe User Response Structure

16 properties

JSON STRUCTURE

Identitystore Email Structure

3 properties

JSON STRUCTURE

Identitystore Emails Structure

0 properties

JSON STRUCTURE

Identitystore External Id Structure

2 properties

JSON STRUCTURE

Identitystore External Ids Structure

0 properties

JSON STRUCTURE

Identitystore Filter Structure

2 properties

JSON STRUCTURE

Identitystore Filters Structure

0 properties

JSON STRUCTURE

Identitystore Get Group Id Request Structure

2 properties

JSON STRUCTURE

Identitystore Get Group Id Response Structure

2 properties

JSON STRUCTURE

Identitystore Get User Id Request Structure

2 properties

JSON STRUCTURE

Identitystore Get User Id Response Structure

2 properties

JSON STRUCTURE

Identitystore Group Ids Structure

0 properties

JSON STRUCTURE

Identitystore Group Membership Structure

4 properties

JSON STRUCTURE

Identitystore Group Memberships Structure

0 properties

JSON STRUCTURE

Identitystore Group Structure

5 properties

JSON STRUCTURE

Identitystore Groups Structure

0 properties

JSON STRUCTURE

Identitystore List Groups Request Structure

4 properties

JSON STRUCTURE

Identitystore List Groups Response Structure

2 properties

JSON STRUCTURE

Identitystore List Users Request Structure

4 properties

JSON STRUCTURE

Identitystore List Users Response Structure

2 properties

JSON STRUCTURE

Identitystore Member Id Structure

1 property

JSON STRUCTURE

Identitystore Name Structure

6 properties

JSON STRUCTURE

Identitystore Phone Number Structure

3 properties

JSON STRUCTURE

Identitystore Phone Numbers Structure

0 properties

JSON STRUCTURE

Identitystore Unique Attribute Structure

2 properties

JSON STRUCTURE

Identitystore Update Group Request Structure

3 properties

JSON STRUCTURE

Identitystore Update Group Response Structure

0 properties

JSON STRUCTURE

Identitystore Update User Request Structure

3 properties

JSON STRUCTURE

Identitystore Update User Response Structure

0 properties

JSON STRUCTURE

Identitystore User Structure

16 properties

JSON STRUCTURE

Identitystore Users Structure

0 properties

JSON STRUCTURE

Sso Admin Access Control Attribute Structure

2 properties

JSON STRUCTURE

Sso Admin Account Assignment List Structure

0 properties

JSON STRUCTURE

Sso Admin Account Assignment Structure

4 properties

JSON STRUCTURE

Sso Admin Account List Structure

0 properties

JSON STRUCTURE

Sso Admin Attached Managed Policy Structure

2 properties

JSON STRUCTURE

Sso Admin Instance List Structure

0 properties

JSON STRUCTURE

Sso Admin Instance Metadata Structure

2 properties

JSON STRUCTURE

Sso Admin List Instances Request Structure

2 properties

JSON STRUCTURE

Sso Admin List Instances Response Structure

2 properties

JSON STRUCTURE

Sso Admin Operation Status Filter Structure

1 property

JSON STRUCTURE

Sso Admin Permission Set List Structure

0 properties

JSON STRUCTURE

Sso Admin Permission Set Structure

6 properties

JSON STRUCTURE

Sso Admin Permissions Boundary Structure

2 properties

JSON STRUCTURE

Sso Admin Principal Type Structure

0 properties

JSON STRUCTURE

Sso Admin Provision Target Type Structure

0 properties

JSON STRUCTURE

Sso Admin Provisioning Status Structure

0 properties

JSON STRUCTURE

Sso Admin Status Values Structure

0 properties

JSON STRUCTURE

Sso Admin Tag Key List Structure

0 properties

JSON STRUCTURE

Sso Admin Tag List Structure

0 properties

JSON STRUCTURE

Sso Admin Tag Resource Request Structure

3 properties

JSON STRUCTURE

Sso Admin Tag Resource Response Structure

0 properties

JSON STRUCTURE

Sso Admin Tag Structure

2 properties

JSON STRUCTURE

Sso Admin Target Type Structure

0 properties

JSON STRUCTURE

Sso Admin Untag Resource Request Structure

3 properties

JSON STRUCTURE

Sso Admin Untag Resource Response Structure

0 properties

JSON STRUCTURE

Example Payloads

Identitystore Email Example

3 fields

EXAMPLE

Identitystore Filter Example

2 fields

EXAMPLE

Identitystore Group Example

5 fields

EXAMPLE

Identitystore Name Example

6 fields

EXAMPLE

Identitystore User Example

16 fields

EXAMPLE

Sso Admin Tag Example

2 fields

EXAMPLE

Sources

aid: amazon-iam-identity-center
name: Amazon IAM Identity Center
description: AWS IAM Identity Center (successor to AWS Single Sign-On) is where you create, or connect, your workforce identities
  in AWS once and manage access centrally across your AWS organization. You can create user identities directly in IAM Identity
  Center, or bring them from Microsoft Active Directory, and then use IAM Identity Center to manage user access to AWS accounts
  and business applications with single sign-on.
type: Index
image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
tags:
- Access Control
- Authentication
- AWS
- Identity Management
- Single Sign-On
url: https://raw.githubusercontent.com/api-evangelist/amazon-iam-identity-center/refs/heads/main/apis.yml
created: '2026-03-16'
modified: '2026-05-19'
specificationVersion: '0.19'
apis:
- aid: amazon-iam-identity-center:aws-sso-admin-api
  name: AWS IAM Identity Center SSO Admin API
  description: Manages permission sets, account assignments, instances, and SSO configurations for centralized identity and
    access management across AWS accounts and organizations.
  humanURL: https://aws.amazon.com/iam/identity-center/
  baseURL: https://sso.amazonaws.com
  tags:
  - Access Control
  - Identity Management
  - Single Sign-On
  properties:
  - type: Documentation
    url: https://docs.aws.amazon.com/singlesignon/latest/APIReference/Welcome.html
  - type: OpenAPI
    url: openapi/amazon-iam-identity-center-sso-admin-openapi-original.yml
  - type: GettingStarted
    url: https://aws.amazon.com/iam/identity-center/getting-started/
  - type: Pricing
    url: https://aws.amazon.com/iam/identity-center/pricing/
  - type: FAQ
    url: https://aws.amazon.com/iam/identity-center/faqs/
  - type: NaftikoCapability
    url: capabilities/sso-admin.yaml
- aid: amazon-iam-identity-center:aws-identitystore-api
  name: AWS IAM Identity Center Identity Store API
  description: Manages users, groups, and group memberships in the IAM Identity Center identity store, enabling programmatic
    provisioning of workforce identities.
  humanURL: https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/welcome.html
  baseURL: https://identitystore.amazonaws.com
  tags:
  - Groups
  - Identity Management
  - Users
  properties:
  - type: Documentation
    url: https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/welcome.html
  - type: OpenAPI
    url: openapi/amazon-iam-identity-center-identitystore-openapi-original.yml
  - type: NaftikoCapability
    url: capabilities/identitystore.yaml
common:
- type: Portal
  url: https://aws.amazon.com/iam/identity-center/
- type: Website
  url: https://aws.amazon.com/iam/identity-center/
- type: Documentation
  url: https://docs.aws.amazon.com/singlesignon/
- type: TermsOfService
  url: https://aws.amazon.com/service-terms/
- type: PrivacyPolicy
  url: https://aws.amazon.com/privacy/
- type: Support
  url: https://aws.amazon.com/premiumsupport/
- type: Blog
  url: https://aws.amazon.com/blogs/security/tag/aws-iam-identity-center/
- type: GitHubOrganization
  url: https://github.com/aws
- type: Console
  url: https://console.aws.amazon.com/singlesignon/
- type: SignUp
  url: https://portal.aws.amazon.com/billing/signup
- type: Login
  url: https://signin.aws.amazon.com/
- type: StatusPage
  url: https://health.aws.amazon.com/health/status
- type: Contact
  url: https://aws.amazon.com/contact-us/
- type: SpectralRules
  url: rules/amazon-iam-identity-center-spectral-rules.yml
- type: Vocabulary
  url: vocabulary/amazon-iam-identity-center-vocabulary.yaml
- type: JSONLD
  url: json-ld/amazon-iam-identity-center-context.jsonld
- type: Features
  data:
  - name: Workforce Identity Management
    description: Create and manage workforce user identities directly or connect from an external identity provider.
  - name: Single Sign-On
    description: Enable employees to sign in once and access all assigned AWS accounts and business applications.
  - name: Centralized Access Management
    description: Manage access to multiple AWS accounts from a single place using permission sets.
  - name: External Identity Provider Integration
    description: Connect Microsoft Active Directory, Okta, Azure AD, and other SAML 2.0 identity providers.
  - name: Permission Set Management
    description: Define and reuse permission policies that can be assigned to users across multiple AWS accounts.
  - name: Automated Provisioning
    description: Automatically provision and de-provision users and groups using SCIM 2.0.
- type: UseCases
  data:
  - name: Workforce SSO
    description: Enable employees to access all AWS accounts and business apps with a single set of credentials.
  - name: Centralized AWS Account Access
    description: Manage access to dozens or hundreds of AWS accounts from a single control plane.
  - name: Just-in-Time Access
    description: Grant temporary elevated access to AWS accounts without permanent permissions.
  - name: Compliance and Audit
    description: Centralize access logging and produce audit reports for security compliance reviews.
- type: Integrations
  data:
  - name: Microsoft Active Directory
    description: Sync users and groups from Active Directory for SSO and access management.
  - name: Okta
    description: Connect Okta as an external identity provider using SAML 2.0 and SCIM.
  - name: Azure Active Directory
    description: Federate with Azure AD for identity synchronization and SSO.
  - name: AWS Organizations
    description: Manage access across all accounts in an AWS Organization from a single SSO configuration.
- type: Integrations
  url: https://aws.amazon.com/marketplace
integrations:
- name: Agent Mode
- name: Sign in
- name: Become a Channel Partner
- name: Resources
- name: Sell in AWS Marketplace
- name: Why AWS Marketplace?
- name: Get started in AWS Marketplace
- name: Manage Your Account
maintainers:
- FN: Kin Lane
  email: kin@apievangelist.com