Articles in this section

See more

AWS Appstream 2.0 SAML

Launch the ClassLink SAML Console

After logging in to the SAML Console, click on COPY EXISTING from the navigation menu on top. This will present a list of pre-configured SAML templates.

 

mceclip0.png

 

Search for and copy the AWS AppStream 2.0 template from the library.

 

mceclip1.png

 

The service provider configuration will now appear in your ClassLink SAML Console Dashboard. Click on the 3 dots under the Tasks Column and Edit. Complete the Login URL for the school district/organization and click Save to return to the dashboard.

 

mceclip2.png

 

mceclip3.png

 

To complete the https://aws.amazon.com/SAML/Attributes/Role attribute, first import
the ClassLink IDP metadata on AWS's side. Once the setup has been completed on 
their end, you can add the roles. This is a combination of the Role ARN and the 
AWS IdP ARN (comma separated [role,idp]). 

 

Clicking on the clipboard icon will copy the ClassLink IDP Metadata URL. Please provide it to your AWS Appstream engineer. 

 

mceclip4.png

 

Once the IDP metadata has been imported on their end, you can add the roles in your empty attribute box in the AWS Appstream 2.0 configuration in the ClassLink SAML console.

 

Create the SSO Apps

To create the SSO applications in your ClassLink Management Console, click on the drop-down menu and Copy IDP Initiate Login URL.

 

mceclip6.png

 

In your CMC, create a SAML app with the URL you just copied. This will be the first part of the SSO URL. The second part will be the AWS relay state stack URL. Before adding the relay state stack URL, you will have to encode it first. You can do this here. Add the encoded AWS stack URL to the IDP Initiate URL by appending [?relaystate=stack URL] to the end of the IDP Initiate Login URL and click Save.

 

mceclip7.png

Related articles

Powered by Zendesk