\\ Amazon supports custom SAML 2.0 applications. See [https://docs.aws.amazon.com/singlesignon/latest/userguide/samlapps.html]\\ \\ !1. Amazon SSO SAML 2.0 Configurations: \\ Open the IAM Identity Center Console [https://console.aws.amazon.com/singlesignon] and create a new custom application.\\ [custom_app.png]\\ \\ Configure the name, Application ACS URL, and SAML Audience, then submit the application.\\ {{{ Application ACS URL example: https://your.crushftp.com/?u=SSO_SAML&p=none }}}\\ {{{ SAML Audience example: https://your.crushftp.com/?u=SSO_SAML&p=none }}}\\ \\ [custom_app_settings.png]\\ \\ Configure the attribute mappings of your application.\\ \\ [custom_app_attribute_mappings_edit.png]\\ \\ Add new attribute mapping.\\ {{{ Maps to this string value or user attribute in IAM Identity Center: ${user:subject} }}}\\ [csutom_app_new_attribute.png]\\ \\ __Warning:__ Assign users/groups to the created application!\\ \\ [custom_app_assign_users.png]\\ \\ !2. SAMLSSO plugin configuration\\ \\ Download the IAM Identity Center SAML metadata file.\\ {{{ [CrushFTP settings] [Amazon SSO SAML 2.0 Configuration] SAML Provider URL (EntityID) -> entityID SAML Audience -> Application SAML audience IDP Redirect URL (HTTP-POST) -> SingleSignOnService SAML:2.0:bindings:HTTP-POST Location SAML Issuer -> IAM Identity Center SAML issuer URL Base64 encoded PEM Signing certificate -> X509Certificate value of IAM Identity Center SAML metadata XML file }}} \\ \\ [custom_app_crushftp_settings.png]\\ \\