Accessing Zoho via AWS using SAML
By configuring SAML-based SSO with AWS, you can let your users sign in to Zoho using their AWS credentials.
Required items from AWS:
You will need the following items from AWS to configure SAML in Zoho. You can follow the configuration steps to get these from AWS.
- IAM Identity Center Certificate
- IAM Identity Center sign-in URL
Steps to configure SAML
A. Add an app in AWS
- Sign in to the IAM Identity Center as a root user (account owner).
- Under Application assignments in the left menu, click Applications.
- Click Add application.
- Under Preintegrated applications, search for the application.
- Select the required application, then click Next.
- Under IAM Identity Center metadata:
- Copy the IAM Identity Center sign-in URL.
- Download the IAM Identity Center Certificate.
B. Configure AWS details in Zoho
- In a new tab, sign in at accounts.zoho.com.
- Go to Organization from the left menu. If you can't find Organization, click View more.
- Under SAML Authentication, click Set up Now.
- Paste the copied IAM Identity Center sign-in URL in the Sign-in URL field and upload the IAM Identity Center Certificate in the X.509 Certificate field. Make sure the certificate is in one of these formats: based-64 coded .cer, .crt, .cert, or .pem file.
- Select the required service in the Zoho Service field.
- Click Configure.
- Click Download Metadata to download the metadata file.
C. Configure Zoho details in AWS
- Return to the App's page in the AWS portal.
- Under Application metadata, select Upload application SAML metadata file.
- Click Choose file, then upload the metadata file from the file browser.
- Click Submit.
Assign users to the app in AWS
Your users in AWS can use this newly configured Zoho app to sign in to Zoho. However, before that, you need to assign your users to this app. You can follow the instructions in the following AWS article to assign your users to the app.
Test the SAML configuration
You can request any of your organization's user (to whom the Zoho application is assigned) to test the SP-initiated and IdP-initiated flow using the following steps:
SP-initiated flow:
- Go to your Zoho sign-in page.
- Enter your email address, then click Next. You will be redirected to AWS for authentication.
- If you are not signed in to AWS already, enter your AWS credentials to sign in. You will now be redirected back to Zoho and will be signed in.
IdP-initiated flow:
- Go to the AWS access portal URL (The URL available in Dashboard page of the IAM Identity Center console).
- Click on the configured Zoho app. You will be redirected to Zoho and will be signed in.
---------------------------------------------------------------------------------------------------------------------------------------------
If you encounter any errors while signing in using SAML, you can refer to our troubleshooting guide.
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Zoho DataPrep Resources
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Accessing Zoho via Microsoft Entra ID using SAML
By configuring SAML based SSO with Microsoft Entra ID, you can let your users sign in to Zoho using their Entra ID credentials. Required items from Microsoft Entra ID You will need the following items from Microsoft Entra ID to configure SAML in ...Accessing Zoho via Google using SAML
You can use Google as an identity provider (IdP) to access Zoho applications. Google IdP is a user management platform for Google Apps and services. Required items from Google You will need the following items from Google to configure SAML in Zoho. ...Accessing Zoho via Auth0 using SAML
By configuring SAML based SSO with Auth0, you can let your users sign in to Zoho using their Auth0 credentials. Required items from Auth0 You will need the following items from Auth0 to configure SAML in Zoho. You can follow the configuration steps ...Troubleshoot SAML related errors
Error Message Reason Solution Your organization has configured SAML authentication, please sign in via SAML credentials You cannot sign in to your Zoho account via any linked account, if your organization has mandated you to sign in only through SAML ...Accessing Zoho via Okta using SAML
You can configure SAML-based SSO with Okta as your identity provider (IdP) to let your users sign in to Zoho. Required items from Okta You will need the following items from Okta to configure SAML in Zoho. You can follow the configuration steps to ...
New to Zoho LandingPage?
Zoho LandingPage Resources