DanielS.42740 (Customer) asked a question.
AWS Account Federation via API
Hello,
I am trying to create via API a AWS Account Federation app with SAML integration to AWS. What I did was:
- Followed the guide and successfully created an integration for multiple roles between okta and aws: https://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-for-Amazon-Web-Service.html.
- Collected relevant information from the app created in step one via API with https://<mydomain>.okta.com/api/v1/apps/<appid>.
- Created a duplicate of the app following the documentation https://developer.okta.com/docs/reference/api/apps/*add-saml-2-0-authentication-application.
The app looks just fine in the GUI, but it looks like the provisioning section was not activated:
The parameters I provided via API for settings.app were:
- accessKey
- secretKey
- appFilter
- groupFilter
- useGroupMapping
- joinAllRoles
- identityProviderArn
- overrideAcsURL
- sessionDuration
- roleValuePattern
- awsEnvironmentType
- loginURL
- secretKeyEnc
Is there a way to enable provisioning via API for the app? Am I missing a parameter?
I also need to know how to enable the Create Users and Update User Attributes mentioned in the guide via API: