How Pump handles SSO

Here are steps to successfully setting up SSO

Before the call (~5 minutes):

Customer provides Pump with an email address to use for the root-user of the delegated administrator account, and the region they would like SSO set up in.
Pump provisions an organization with the delegated admin account and SSO enabled in specified region.
Customer logs in to the delegated admin account with the email provided, and does a ‘forgot my password’ process to set a password.

On the call with Pump Solutions Architect (30-45 minute call):

While screen-sharing, customer logs into their current management account and runs an export script in IAM Identity Center to download their current users, groups, and permissions.
Customer logs into the new, delegated administrator account and runs an import script to upload their users, groups, and permissions into the new organization.
If using a third party, customer creates a new application that links to the new IAM Identity Center.
Customer tests SSO access.

Last updated 21 days ago