miniOrange provides secure access to AWS AppStream for enterprises and full control over access of AWS applications. Single Sign On (SSO) into your AWS AppStream account with one set of login credentials.
Single Sign On
miniOrange Single Sign On (SSO) Solution provides easy and seamless access to all enterprise resources with one set of credentials. miniOrange provides Single Sign On (SSO) to any type of devices or applications whether they are in the cloud or on-premise.
Secure your AWS AppStream app from password thefts using multi factor authentication methods with 15+ authentication types provided by miniOrange. Our multi factor authentication methods prevent unauthorized users from accessing information and resources having password alone as authentication factor. Enabling second factor authentication for AWS AppStream protects you against password thefts.
miniOrange prevents frauds with its dynamic risk engine in conjunction with enterprise specific security policy. We support a combination of the Device Id, Location and Time of access as multi-factor authentication that can detect and block fraud in real-time, without any interaction with the user.
Follow the Step-by-Step Guide given below for AWS AppStream Single Sign On (SSO)
Step 1: Configure AWS AppStream in miniOrange
- Login to miniOrange Admin Console.
- Go to Apps >> Manage Apps. Click Configure Apps button.
- Click on SAML tab. Select AWS AppStream App.
- Get the SP Entity ID or Issuer from the metadata (https://signin.aws.amazon.com/static/saml-metadata.xml). You will find the value in the first line against entityID. It is set to urn:amazon:webservices but may vary for non-US regions.
- Make sure the ACS URL is: https://signin.aws.amazon.com/saml . This might vary for non-US regions in which case you would find it in metadata ( https://signin.aws.amazon.com/static/saml-metadata.xml) as Location attribute of AssertionConsumerService.
- Click on Show Advanced Settings. Against Relay State select Custom Attribute Value & enter
- Enable Override RelayState.
- You can set another value for relay state depending on where you want to redirect the user after SSO.
- Go to the Add Policy and select DEFAULT from the Group Name dropdown.
- Now enter the AWS AppStream in the Policy Name field.
- Select PASSWORD from the First Factor Type dropdown.
- Click on Save button to configure AWS AppStream.
- Once the App is added, click on the Metadata link, download metadata file and keep with you which you will require later.
Step 2: Setting SAML in AWS AppStream
- Login to your Amazon Web Services (AWS) Console as an admin.
- Click on Services Tab. Under Security, Identity, & Compliances, click on IAM (Identity and Access Management).
- From the left-hand side list, click on Identity Providers and then click on Create Provider button in the right section.
Step 3: Configure Provider in AWS AppStream
Step 5: Onboard users into our system
- Click on Users >> Add User.
- Here, fill the user details without the password and then click on the Create User button.
- Click on On Boarding Status tab. Check the email, with the registered e-mail id and select action Send Activation Mail with Password Reset Link from Select Action dropdown list and then click on Apply button.
- Now, Open your email id. Open the mail you get from miniOrange and then click on the link to set your account password.
- On the next screen, enter the password and confirm password and then click on the Reset Password button.
- Now, you can login into miniOrange account by entering your credentials.
Step 6: Login to AWS AppStream using miniOrange
- Go to miniOrange dashboard and select the User Dashboard from the right side menu.
- Click on AWS AppStream application which you added, to verify your SSO configuration.
For Further Details: