Prepare AWS SSO to connect to RONIN

This article will guide you through the steps to create RONIN as an application in AWS SSO to prepare to have it connected to your RONIN login.

We will assume you have AWS SSO set up on an AWS account already and a RONIN deployed.

In the AWS console go to AWS SSO > and select Applications.

Click Add a new application button.

Select "Add a custom SAML 2.0 application.

Enter RONIN as the name for the application.

Below, we need to add the location of our Ronin UI and the details from the RONIN Cognito userpool.

Application start URL and Relay state = your Ronin UI address. (e.g. https://ronin.companyname.cloud)

Application ACS URL = Your domain in the app client of the userpool in the RONIN Cognito. (e.g. https://abc.auth.ap-southeast-2.amazoncognito.com/saml2/idpresponse)

Application SAML audience = The Ronin Cognito URN for your user pool. (e.g. urn:amazon:cognito:sp:<USERPOOL ID>)

The RONIN team can provide the above information to you.

Next, configure the attribute mapping to match below by adding ${user:email}

Now assign a group to allow members of this group to have access to the RONIN application.

...and we are done!

Talk to the RONIN team to configure the rest of the RONIN application.

Don Hancock