- Open the NoPassword Admin Dashboard. Select “Applications” from the left side menu and then select “Web App” from the submenu.
- Click the “+ Add SSO App” button in the upper right corner.
- A pop-up window will appear. Under the section: “1. Select your app”, click on “Search…” and type AWS to search the NoPassword Catalog. Select AWS from the drop-down menu.
- Expand the Identity Provider section, and click on the arrow button to download both the NoPassword Certificate fingerprint and the Certificate file to your computer.
- Log in to the Amazon Web Services Management Console as an administrator.
- Click on “Identity Provider” on the left side menu, then click on “Create Provider”.
- Click on “Choose a provider type” and choose “SAML” from the drop-down menu.
- Enter “NoPassword” as the Provider Name, then click on “Choose File” to upload the Metadata file that you downloaded in step 3. Once uploaded, click on the “Next Step” button.
- Click on the “Create” button in the bottom right corner of the page.
- At this point, you have finished creating the SAML provider. All that remains is to create a role.
From the left-hand side menu, click on “Roles”. If you have already created roles, select one. If you don’t have any roles, click on “Create New Role” to create one.
- First, choose a name for the role and click on “Next Step”.
Example: In this case, we chose “Admin”.
- Select “Role for Identity Provider Access”.
Then, click on the “Select” button next to “Grant Web Single Sign-On (WebSSO) access to SAML provider”.
- Select “NoPassword” as the SAML provider and click on “Next Step”.
- Click “Next Step” on the Verify Role Trust page.
- Select one or more policies (we selected administrator access in this tutorial) and click on the “Next Step” button.
- On the “Review” page, copy the “Role ARN” and “Trusted Entities” values so you can enter them in the NoPassword Admin portal.
Then, click on “Create Role”.
- Go back to the browser tab where you had NoPassword Admin portal open.
- Expand the Service Provider section, paste the following URL into the ACS URL text box:
- Expand the Advanced section, paste the following information:
The AWS app is now configured! You can assign users, groups or organizational units to the AWS app. Please see the Administrator Guideline document for instructions. Don’t hesitate to contact us at 877-877-5587 or firstname.lastname@example.org if you have any questions.
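
Before assigning users, it is worth confirming that the role only trusts the NoPassword SAML provider. The following Python check is an added example, not part of the NoPassword documentation: it takes the “Role ARN” and “Trusted Entities” values copied from the Review page plus the role's trust policy JSON, and reports anything inconsistent. The function names, the account ID `123456789012` and the sample policy are constructed for illustration.

```python
import re

# Audience value AWS expects for console sign-in through SAML federation.
SAML_AUD = "https://signin.aws.amazon.com/saml"
ARN = re.compile(r"^arn:aws:iam::(\d{12}):(role|saml-provider)/[\w+=,.@/-]+$")

def as_list(value):
    """IAM policy fields may hold one value or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def check_saml_role(role_arn, provider_arn, trust_policy):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    role, prov = ARN.match(role_arn), ARN.match(provider_arn)
    if not role or role.group(2) != "role":
        problems.append("Role ARN is not an IAM role ARN")
    if not prov or prov.group(2) != "saml-provider":
        problems.append("Trusted Entities is not a SAML provider ARN")
    if role and prov and role.group(1) != prov.group(1):
        problems.append("role and provider belong to different accounts")
    trusted = False
    for stmt in as_list(trust_policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithSAML" not in as_list(stmt.get("Action")):
            continue
        principal = stmt.get("Principal")
        federated = as_list(principal.get("Federated")) if isinstance(principal, dict) else []
        if federated != [provider_arn]:
            problems.append("statement trusts a principal other than the provider")
            continue
        aud = stmt.get("Condition", {}).get("StringEquals", {}).get("SAML:aud")
        if as_list(aud) != [SAML_AUD]:
            problems.append("SAML:aud condition missing or not the AWS sign-in URL")
        trusted = True
    if not trusted:
        problems.append("no statement lets the provider call sts:AssumeRoleWithSAML")
    return problems

# Constructed sample values (placeholder account ID), shaped like the Review page output.
ROLE_ARN = "arn:aws:iam::123456789012:role/Admin"
PROVIDER_ARN = "arn:aws:iam::123456789012:saml-provider/NoPassword"
TRUST_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRoleWithSAML",
    "Principal": {"Federated": PROVIDER_ARN},
    "Condition": {"StringEquals": {"SAML:aud": SAML_AUD}}}]}

if __name__ == "__main__":
    print(check_saml_role(ROLE_ARN, PROVIDER_ARN, TRUST_POLICY) or "trust policy OK")
```

The trust policy JSON can be copied from the role's “Trust relationships” tab in the IAM console and loaded with `json.loads` before calling `check_saml_role`.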