AWS SSO Integration

Overview

QueryPie enables users to link with AWS IAM Identity Center for multiple cloud applications via SAML 2.0. Admins can synchronize users to grant access and enforce policies.

Adding QueryPie as an Application in AWS IAM Identity Center

1. Sign in to the AWS IAM Identity Center.

2. Navigate the Applications menu in the left-hand menu.

3. Click the Add application button in the upper-right corner.

4. Select the Add a custom SAML 2.0 application option and click Next.

5. In Application Configuration > Display Name, enter “QueryPie”.

6. In Application Properties > Application Start URL, enter the domain address where QueryPie is installed, as shown below:

   1. Application Start URL : https://{querypie_host}/saml/login

7. In the Application Metadata field, enter the following:

   1. Application ACS URL : https://{querypie_host}/saml/sp/acs

   2. Application SAML Target : https://{querypie_host}/saml/sp/metadata

8. Click Submit to save.

Setting Up Property Mappings for QueryPie Integration

1. In the top right corner of the created application, navigate to Actions > Edit Property Mappings.

2. Enter the mapping values and formats for the user attributes in the application, following the guidelines provided in the screenshot above.

3. Click Save Changes to save.

Setting Up AWS IAM Identity Center Integration in QueryPie

1. Navigate to the Administrator > General > User Management > Authentication menu.

2. In the Authentication Type field, select SAML.

3. On the Applications > Actions > Edit Configuration screen, download the IAM Identity Center SAML metadata file.

4. Paste the downloaded XML information into the Identity Provider Metadata entry.

5. Click Save Changes to save.

SAML Login in QueryPie

You can now sign in to QueryPie by authenticating with AWS using the Login with SAML button on the login page.