Use Case	All Integrations Single Sign-On Lifecycle Management
Language	English
Share

AWS Account Federation

Overview

By federating Okta to Amazon Web Services (AWS) Identity and Access Management (IAM) accounts, end users get single sign-on access to all their assigned AWS roles with their Okta credentials. In each AWS account, administrators set up federation and configure AWS roles to trust Okta. When users sign-in to AWS, they get Okta single sign-in experience to see their assigned AWS roles. They can then select a desired role, which defined their permissions for the duration of their authenticated session. Customers with large numbers of AWS Accounts, check out the AWS Single Sign-On app as an alternative.

Last updated: Sep. 9 2025

Functionality

Add this integration to enable authentication and provisioning capabilities.

Functionality	API Entitlement Management Event Hooks Identity Security & Posture Management Inbound Federation Inline Hooks Outbound Federation Partial Universal Logout RADIUS Universal Logout Workflow Templates Workflows Connectors SAML SWA WS-Federation OIDC SCIM
Provisioning	Create Update Attribute Sourcing Deactivate Sync Password Group Push Group Linking Schema Discovery Attribute Writeback

Okta

Auth0

Discover our latest stories

AWS Account Federation

Overview

Functionality

Functionality

Provisioning

Take your integrations further

Build your own

Publish to the OIN

Secure your SaaS apps