Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can we use rest connector to connect with AWS identity center?

ashachakraborty
New Contributor
New Contributor

‎05/21/2024 03:38 AM

Hi,

As the current OOTB AWS connector does not support the integration with AWS Idnetity center, can we use a rest connector to connect withe AWS identity center? 

We have followed this forum post : https://forums.saviynt.com/t5/identity-governance/can-we-use-aws-connector-to-integrate-with-aws-ide...

 

Labels:
0 Kudos
5 REPLIES 5

adarshk
Saviynt Employee
Saviynt Employee

‎05/23/2024 06:35 AM

As mentioned in the referance post, this is stillunder progress, once available, it should be released under release notes. Please check the API reference documents of the application and check if it exposes REST connectivity. 

If yes, try connecting with Postman and perform API calls, which can then be connected with Saviynt using REST Connector. 

0 Kudos

ashachakraborty
New Contributor
New Contributor
In response to adarshk

‎05/23/2024 11:35 PM

In the reference forum post they also mention that even though we import the accounts and groups using SCIM apis, we cannot associate the account to entitlement. Our requirement is also the similar kind. Wanted to check if that issue has any workaround as the OOTB connector is not there.

0 Kudos

rushikeshvartak
All-Star
All-Star

‎05/23/2024 09:38 PM

You can use REST Connector 

 

 

AWS Identity Center (formerly AWS Single Sign-On) provides centralized access management for AWS accounts and applications. To manage identities and their access within AWS Identity Center, you can utilize the AWS Identity Center CRUD (Create, Read, Update, Delete) operations through AWS APIs. This can also be extended to Identity Governance and Administration (IGA) using REST APIs.

AWS Identity Center CRUD Operations

  1. Create

    • Create User: Create a new user in AWS Identity Center.
      • API: CreateUser
      • Example:
        { "UserName": "john.doe", "DisplayName": "John Doe", "Email": "john.doe@example.com" }
    • Create Group: Create a new group.
      • API: CreateGroup
      • Example:
        { "GroupName": "Developers", "Description": "Development team" }

  2. Read

    • Get User: Retrieve user details.
      • API: DescribeUser
      • Example:
         
        { "UserId": "1234567890" }
    • List Users: List all users.
      • API: ListUsers
      • Example:
         
        {}

  3. Update

    • Update User: Modify user attributes.
      • API: UpdateUser
      • Example:
        { "UserId": "1234567890", "DisplayName": "John Doe Updated" }
    • Add User to Group: Add a user to a group.
      • API: AddUserToGroup
      • Example:
        json
        Copy code
        { "UserId": "1234567890", "GroupId": "0987654321" }

  4. Delete

    • Delete User: Remove a user.
      • API: DeleteUser
      • Example:
        json
         
        { "UserId": "1234567890" }
    • Remove User from Group: Remove a user from a group.
      • API: RemoveUserFromGroup
      • Example:
        json
        { "UserId": "1234567890", "GroupId": "0987654321" }

AWS Identity Governance and Administration (IGA)

IGA focuses on policies and processes that ensure appropriate access to resources. AWS Identity Center's IGA capabilities are managed through its APIs and can include:

  • Access Requests: Users request access to resources.
  • Access Reviews: Regularly reviewing and certifying access rights.
  • Provisioning: Automating the creation and management of user accounts.
  • Deprovisioning: Automating the removal of user accounts and access rights.
  • Policy Enforcement: Enforcing policies for access management.

Using REST APIs

AWS provides RESTful APIs for integrating and managing AWS Identity Center. The APIs are well-documented in the AWS Identity Center API Reference.

Example REST API Call:

To create a user via REST API, you can send a POST request to the CreateUser endpoint.

 

 
curl -X POST https://identity-center.amazonaws.com/CreateUser \ -H "Content-Type: application/json" \ -d '{ "UserName": "john.doe", "DisplayName": "John Doe", "Email": "john.doe@example.com" }'

For IGA operations, similar REST API calls can be structured to manage and govern identities effectively.

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

ashachakraborty
New Contributor
New Contributor

‎05/23/2024 11:33 PM

In the reference dorm post they also mentions that even though we import the accounts and groups using SCIM apis,we cannot associate the account to entitlement. Our requirement is also the similar kind. Wanted to check if that issue has any workaround as the OOTB connector is not there.

0 Kudos

ashachakraborty
New Contributor
New Contributor
In response to ashachakraborty

‎05/23/2024 11:34 PM

In the reference forum post, they also mention that even though we import the accounts and groups using SCIM apis, we cannot associate the account to entitlements. Our requirement is also the similar kind. Wanted to check if that issue has any workaround as the OOTB connector is not there.

0 Kudos
Copyright © 2024 Khoros, LLC