BELLEVUE, Wash. — November 25, 2019 — Auth0, the identity platform for application builders, today announced its integration with Session Tags, a new IAM feature from AWS. This integration provides AWS users with access to the right information based on their user attributes, and reduces the number of AWS roles and permissions policies the administrator has to manage and update when employees’ responsibilities change.
Customers frequently manage their workforce identities using an identity provider (IdP), federating from it into AWS using industry standards such as SAML and OIDC. Now, with session tags, when users federate into AWS, Auth0 can be configured to send attributes — for example an environment tag, project tag, team tag, and cost center tag — which are then used to determine the correct IAM policies for controlling access to AWS resources.
Customers can rely on the attributes from their corporate directory and ensure each employee receives defined permissions based on those attributes during an AWS session, simplifying fine-grained access control. Customers are able to scale more quickly without the administrator burden, and have a verifiable audit trail for permissions-based changes.
“A lot of customers use attributed-based access control now, but are not able to make use of their existing IdPs to do so,” said Bill Lapcevic, VP of Business Development at Auth0. “Thanks to our integration with Session Tags, AWS IAM users will benefit from the ability to use existing attributes to automatically apply specified permissions, giving power back to the IdP as the source of truth for access control.”
Please visit our technical documentation on Session Tags for more details on how to implement this feature.
Auth0 provides a platform to authenticate, authorize, and secure access for applications, devices, and users. Security and development teams rely on Auth0's simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding more than 4.5 billion login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world.