Can AWS SSO generate a "friendly" issuer URL for SAML federation?

Question

I have SAML federation working between Okta and AWS SSO. Everything is fine, except that users performing IdP-initiated SSO see an "unfriendly" URL in their browser ("https://d-123456789a.awsapps.com/") once logged into AWS.

Is it possible to have a friendly name in the browser (aka, "https://friendly-name.awsapps.com/") after AWS login via IdP-initiated SSO, similar to when we're doing SP-initiated SSO? I believe this would require a different 'Issuer URL' from AWS SSO for the SAML connection, but I don't see any options for this in the AWS console.

Thanks, Jeffrey

Sriram Raghavan · Answer 1 · 2021-06-30T08:36:35.710

0

Jeffrey - If you haven't fixed this yet, here is the solution. There is option in the AWS SSO console to change the SSO url while creating the SSO itself. Go to Settings ->User portal You will find the user portal URL and you change it to your convenience. One hiccup/point to be noted. You can just change the subdomain. eg: https://friendlyurl.awsapps.com/start.

edited Jun 30 '21 at 08:36

answered Jun 30 '21 at 07:40

Sriram Raghavan

73
5

Can AWS SSO generate a "friendly" issuer URL for SAML federation?

1 Answers1