Create or connect your workforce identities only once for use across Amazon Web Services.
Centrally manage your workforce access to multiple Amazon Web Services accounts.
Assign user permissions based on common job functions or user attributes.
Provide your workforce single sign-on access to cloud applications.
How it works
Enable multi-account access to your Amazon Web Services accounts
Your users can use their directory credentials for single sign-on access to multiple Amazon Web Services accounts. Their personalized web user portal shows their assigned roles in Amazon Web Services accounts in one place. Users can also single sign-on through the Amazon Command Line Interface (CLI), Amazon SDKs using their directory credentials for a consistent authentication experience.
Enable single sign-on access to your Amazon Web Services applications
IAM Identity Center is integrated with Amazon Web Services applications for zero-configuration authentication and authorization. These integrated applications share a consistent view of users and groups for resource sharing and collaboration all within the application.
Enable single sign-on access to cloud-based applications
You can more easily configure single sign-on access to applications that support SAML 2.0 using the IAM Identity Center application configuration wizard. IAM Identity Center also provides preconfigured settings for many cloud applications, including Salesforce, Box, and Microsoft 365.
How to get started
Connect with an expert
From development to enterprise-level programs, get the right support at the right time.
Have more IAM Identity Center questions?
Get answers about how IAM Identity Center works.
Access the IAM Identity Center console
Configure your identity source and scale fine-grained permissions across Amazon Web Services.