SSO Authentication


We’d like to share dashboards with SSO users. Is there a way to create the SSO user in Quicksight before he logs in to Quicksight the first time?

The ask is, we want to give access to specific users for specific dashboards even before they sign in for the first time.

Hi @Ramkishore1999 First of all, welcome to the QuickSight community :slight_smile:

Have you looked at the newly launched QuickSight integration with AWS IAM Identity Center? Simplify business intelligence identity management with Amazon QuickSight and AWS IAM Identity Center | AWS Business Intelligence Blog

Using the integration above, to achieve what you’re trying to do - add people to relevant groups within your IdP and use those groups within QuickSight to assign permissions. Let us know if this helps?

Note: the above integration with AWS IAM Identity Center only works during the sign up for a new QuickSight account at the moment

1 Like

hi @SD_QS & @Ramkishore1999

Yes, it is possible to create SSO user in QuickSight using APIs before the user logs in.

Below is the CLI command on how to do it:

aws quicksight register-user
–identity-type IAM
–email email
–user-role <> (ADMIN,AUTHOR,READER)
–aws-account-id accountid
–namespace default
–iam-arn arn:aws:iam:::role/QuicksightFederatedRole
–session-name username

This is the safest way to onboard users and share the assets you would like to share, add them to groups etc.

And when the users logs in for the first time, they would have access to all the required assets.




Thank you for the response! Is there any alternative other than using the CLI command prompt.