Integrating with AWS SSO

Overview

QueryPie supports user integration through multiple cloud applications and SAML 2.0 for users in AWS IAM Identity Center. You can grant access permissions and apply policies by synchronizing users.

Adding QueryPie as an Application in AWS IAM Identity Center

1. Access AWS IAM Identity Center .
2. Navigate to the Applications menu in the left menu.
3. Click the Add Application button in the top right corner.
4. Select the Add Custom SAML 2.0 Application option and click Next.
5. Enter QueryPie in Application Configuration > Display Name.
6. In Application Attributes > Application Start URL, enter the domain address where QueryPie is installed as follows.
   1. Application Start URL : https://{querypie_host}/saml/login
7. Enter the following values in the Application Metadata section.
   1. Application ACS URL : https://{querypie_host}/saml/sp/acs
   2. Application SAML Target : https://{querypie_host}/saml/sp/metadata
8. Click the Submit button to save.

Setting Attribute Mapping for QueryPie Integration

1. Go to Actions > Edit Attribute Mapping in the top right corner of the created application.
2. Enter the following values referring to the screenshot above for user attributes within the application and mapping values and formats.

Click the Save Changes button to save.

Configuring AWS IAM Identity Center Integration in QueryPie

1. Navigate to Administrator > General > User Management > Authentication menu.
2. Select SAML in the Authentication Type field.
3. Download the IAM Identity Center SAML metadata file from Application > Actions > Edit Configuration screen.
4. Paste the downloaded XML information into the Identity Provider Metadata field.
5. Click the Save Changes button to save.

SAML Login in QueryPie

Now you can authenticate with AWS and log in to QueryPie through the Login with SAML button on the login page.