AWS Security Academy · Lesson

Single Sign-On with IAM Identity Center

Centralize workforce access with permission sets across accounts.

The Workforce Access Problem

As a company grows, giving every employee an IAM (Identity and Access Management) user in every account becomes a nightmare. People leave, roles change, and passwords sprawl across dozens of accounts.

IAM Identity Center (formerly AWS SSO) solves this by giving your workforce one place to sign in and reach every account they are entitled to. Identities live in a central directory, not scattered as long-lived IAM users.

What Identity Center Is

IAM Identity Center is AWS's service for centralized workforce single sign-on across multiple accounts in an AWS Organization.

  • It sits at the organization level and is managed from the organization's management account or a delegated administrator account.
  • Users get a personalized access portal listing only the accounts and roles they may use.
  • It can use its own built-in directory or connect to an external one.
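
To make the per-user account and role listing concrete, the following added example (not part of the original lesson and not AWS code) resolves what each user would see in the access portal from assignment records. It assumes record shapes matching the `sso-admin` ListAccountAssignments and `identitystore` ListGroupMemberships responses; every ID, ARN and function name is constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data. Record shapes follow the sso-admin
# ListAccountAssignments and identitystore ListGroupMemberships responses;
# every ID, ARN and name below is made up.
PS = "arn:aws:sso:::permissionSet/ssoins-EXAMPLE/"
ASSIGNMENTS = [
    {"AccountId": "111111111111", "PermissionSetArn": PS + "ps-readonly",
     "PrincipalType": "GROUP", "PrincipalId": "g-auditors"},
    {"AccountId": "222222222222", "PermissionSetArn": PS + "ps-readonly",
     "PrincipalType": "GROUP", "PrincipalId": "g-auditors"},
    {"AccountId": "222222222222", "PermissionSetArn": PS + "ps-admin",
     "PrincipalType": "USER", "PrincipalId": "u-alice"},
]
MEMBERSHIPS = [
    {"GroupId": "g-auditors", "MemberId": {"UserId": "u-alice"}},
    {"GroupId": "g-auditors", "MemberId": {"UserId": "u-bob"}},
]


def groups_by_user(memberships):
    """Map each user ID to the set of group IDs it belongs to."""
    out = defaultdict(set)
    for m in memberships:
        out[m["MemberId"]["UserId"]].add(m["GroupId"])
    return out


def portal_view(user_id, assignments, memberships):
    """Sorted (account, permission set, source) entries a user is entitled to."""
    groups = groups_by_user(memberships).get(user_id, set())
    entries = set()
    for a in assignments:
        direct = a["PrincipalType"] == "USER" and a["PrincipalId"] == user_id
        via_group = a["PrincipalType"] == "GROUP" and a["PrincipalId"] in groups
        if direct or via_group:
            name = a["PermissionSetArn"].rsplit("/", 1)[-1]
            entries.add((a["AccountId"], name, "direct" if direct else a["PrincipalId"]))
    return sorted(entries)


def direct_user_assignments(assignments):
    """Assignments made to a single user rather than a group, for review."""
    return [a for a in assignments if a["PrincipalType"] == "USER"]


if __name__ == "__main__":
    for uid in ("u-alice", "u-bob"):
        print(uid, portal_view(uid, ASSIGNMENTS, MEMBERSHIPS))
```

The `source` field shows whether an entry comes from a group or a direct assignment, which is the detail an access review needs when someone changes roles or leaves.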
