
Amazon WorkSpaces SAML 2.0 Federation with Keycloak

Desktop & Application Streaming Blog



This article discusses how to set up Keycloak, an open-source Identity Provider (IdP), to enable SAML 2.0 federation with Amazon WorkSpaces. It provides a step-by-step guide to configure Keycloak for production use, synchronize Active Directory users, create a Keycloak realm and client, set up SAML 2.0 attributes, and enable the SAML integration in the WorkSpaces directory.

Specifically, the article covers:

  • Overview of the solution architecture
  • Prerequisites for the setup
  • Installing and configuring Keycloak for production use
  • Synchronizing Active Directory users with Keycloak
  • Configuring the Keycloak realm and client for SAML 2.0
  • Setting up SAML 2.0 attributes and AWS IAM SAML Identity Provider
  • Assigning Active Directory users to the Keycloak client
  • Enabling SAML 2.0 integration in the Amazon WorkSpaces directory
  • Federating to Amazon WorkSpaces via the Keycloak client
  • Enabling certificate-based authentication for a seamless single sign-on experience

