IAM Identity Center
IAM Identity Center
All results for "
" in this service
All results for "
" in this service
What's New
Service Overview
What Is IAM Identity Center?
Application Scenarios
Functions
Permissions
Notes and Constraints
Billing
Concepts
Change History
Getting Started
Overview
Making Preparations
Creating Users and Permission Sets
Associating Accounts with Users and Permission Sets
Logging In as an IAM Identity Center User and Accessing Resources
User Guide
User Management
Creating Users
Logging In as an IAM Identity Center User and Accessing Resources
Managing Users
Deleting a User
Configuring the Duration of the User Portal Session
Group Management
Creating a Group
Adding Users to or Removing Users from a Group
Deleting a Group
Multi-Account Permissions Management
Registering a Delegated Administrator
Permission Sets
Creating a Permission Set
Viewing or Modifying a Permission Set
Deleting a Permission Set
Managing Permission Set Tags
Accounts
Associating Accounts with Users/Groups and Permission Sets
Modifying Association with Users/Groups and Permission Sets
Removing Access Permissions and Permission Sets
Attribute-based Access Control (ABAC)
ABAC Overview and Configuration Process
Enabling and Configuring Access Control Attributes
Creating Permissions Policies for ABAC
Supported User Attributes
Identity Source Management
Changing the Identity Source
Customizing User Portal URL
Configuring an External Identity Provider
Overview of External Identity Providers
Modifying SAML 2.0 Configuration
Enabling or Disabling SCIM Automatic Provisioning
Enabling Manual Provisioning
Rotating Certificates
Supported Identity Providers
Application Access Management
Adding an Application
Mapping Attributes
Assigning User/Group Access to Applications
Removing User/Group Access to Applications
IAM Identity Center Resetting
MFA Management
MFA Overview
MFA Authentication
Enabling MFA
Selecting an MFA Type
Configuring MFA Device Enforcement
Allowing Users to Bind Their Own MFA Devices
MFA Configuration
Binding an MFA Device
Managing a User's MFA Device
Using IAM to Grant Access to IAM Identity Center
Creating a User and Granting IAM Identity Center Permissions
Creating IAM Custom Policies for IAM Identity Center
Using CTS to Audit IAM Identity Center Operations
Key Operations Supported by CTS
Viewing CTS Traces in the Trace List
Quotas
API Reference
Before You Start
API Overview
Calling APIs
Making an API Request
Authentication
Response
API
Instance Management
Listing Instances
Querying the Region Where a Service Instance Is Enabled
Obtaining Identity Source Configurations
Selecting a Region for Enabling a Service Instance
Querying Service Instance Status
Enabling an IAM Identity Center Instance
Deleting a Service Instance
Setting a Custom Portal URL
Updating HA Function Configurations
Querying HA Configurations
Access Control Attribute Management
Enabling Access Control Attributes for a Specified Instance
Obtaining Access Control Attributes for a Specified Instance
Updating Access Control Attributes for a Specified Instance
Disabling Access Control Attributes for a Specified Instance
Permission Set Management
Adding a System-defined Identity Policy
Deleting a Permission Set
Querying Permission Set Details
Updating a Permission Set
Deleting a System-defined Identity Policy
Querying Details About a Custom Identity Policy
Adding a Custom Identity Policy
Deleting a Custom Identity Policy
Listing Accounts Associated with a Permission Set
Listing System-defined Identity Policies
Listing Pre-provisioning Statuses of Permission Sets
Listing Permission Sets
Creating a Permission Set
Listing Permission Sets Provisioned to an Account
Pre-provisioning a Permission Set
Querying Pre-attachment Status Details of a Permission Set
Adding a System-defined Policy
Deleting a System-defined Policy
Listing System-defined Policies
Querying Permission Set Quotas
Account Assignment Management
Removing Account Assignments
Querying Details about the Account Assignment Creation Status
Listing Account Assignment Creation Statuses
Listing Account Assignment Deletion Statuses
Listing Users or Groups Associated with an Account and a Permission Set
Creating Account Assignments
Querying Details about the Account Assignment Deletion Status
Listing Accounts Associated with a User or User Group
Disassociating All Account Authorizations from a User or Group
Tag Management
Listing Tags for the Specified Resource
Adding Tags to the Specified Resource
Removing the Specified Tag from the Specified Resource
Application Management
Creating an Application Instance
Listing Application Instances
Listing Preset Application Templates in the Application Directory
Listing Application Providers
Listing Application Templates
Querying Configurations of Application Assignment Attributes
Updating Display Information of an Application Instance
Uploading an Application Instance Metadata File
Updating Application Attribute Configurations
Updating Schema Attribute Mapping Configurations of an Application
Updating Service Provider Configurations for an Application Instance
Updating the Application Instance Status
Updating Certificate Configurations of an Application Instance
Querying Application Details
Listing Applications
Querying Application Instance Details
Deleting an Application Instance
Querying Application Provider Details
Listing Associations Between an Application Instance and a User or User Group
Deleting the Association Between an Application Instance and a User or User Group
Application Assignment Management
Listing Users or User Groups Assigned to an Application
Assigning a User or User Group to an Application
Deleting Users or User Groups Assigned to an Application
Listing Applications Associated with a User or User Group
Application Certificate Management
Activating Application Instance Certificates
Deleting an Application Instance Certificate
Creating an Application Instance Certificate
Listing Application Instance Certificates
Instance Configuration Management
Configuring an Instance
Querying Instance Configurations
MFA Configuration Management
Querying MFA Management Configurations
Configuring MFA Management
User Management
Creating a User
Sending an Email Containing a Password Reset Link or Generating a One-Time Password
Listing Users
Listing User Login Sessions
Deleting a User
Enabling a User
Querying User Details
Disabling a User
Deleting an MFA Device
Updating a User
Verifying a User's Email Address
Querying a User ID
Querying Details About Specified Users in Batches
Registering an MFA device
Listing MFA Devices of a User
Updating the Display Name of an MFA Device
Deleting User Login Sessions in Batches
Group Management
Creating a Group
Listing Groups
Deleting a Group
Updating a Group
Querying Group Details
Querying a Group ID
Querying Details About Specified User Groups in Batches
Group Membership Management
Adding a User to a Group
Listing Users in a Group
Listing Groups to which a User is Added
Removing a User from a Group
Querying the Group Membership
Querying the Group Membership ID
Querying Whether a User Is a Member of a Group
Identity Provider Management
Creating External Identity Provider Configurations
Querying External Identity Provider Configurations
Enabling an External Identity Provider
Disabling an External Identity Provider
Deleting Configurations of an External Identity Provider
Updating Configurations of an External Identity Provider
Listing External Identity Provider Certificates
Importing External Identity Provider Certificates
Deleting External Identity Provider Certificates
Automatic Provisioning Management
Enabling Automatic Provisioning
Checking Automatic Provisioning
Deleting Automatic Provisioning
Creating an Access Token
Listing Access Tokens
Deleting an Access Token
Identity Source Quota Management
Querying Identity Source Quotas
Custom Password Policy Management
Querying Custom Password Policies
Updating Custom Password Policies
SCIM User Management
Creating a User
Listing Users
Querying User Details
Deleting a User
Updating a User
Partially Updating a User
SCIM Group Management
Creating a Group
Listing Groups
Querying Group Details
Deleting a Group
Partially Updating a Group
Service Provider (SP) Management
Querying the SP Configuration
Creating a Service Provider Certificate
Listing Service Provider Certificates
Deleting a Service Provider Certificate
Activating a Service Provider Certificate
Querying Service Provider Configurations
Client Management
Registering a Client
Token Management
Creating a Token
Device Authorization Management
Requesting Device Authorization
Authorization Management
Logging Out of a User
Account Management
Listing Accounts
Agency Management
Listing Account Agencies
Credentials Management
Obtaining Agency Credentials
Appendixes
Status Codes
Error Codes
Obtaining Information About Account, IAM User, Group, Project, Region, and Agency
Configuring SDK Client Authentication
Best Practices
Multi-Account Identity and Permissions Management Using IAM Identity Center
General Reference
Glossary
Service Level Agreement
White Papers
Endpoints
Permissions