
I'm currently working on a project that involves integrating Active Directory (AD) with Amazon Connect to streamline user login and authentication. I’m aware that Amazon Connect offers the option to link to an existing Active Directory via the "Link to existing directories" feature, but I’m looking for more details on how user management works in this setup.

Specifically, I’d like to know:

  • Is the creation of users in Amazon Connect automated once a new user is added to Active Directory? For instance, if a user is created or updated in AD, are they automatically provisioned in Amazon Connect with the appropriate permissions and profiles?
  • Or is manual intervention required to create or update users in Amazon Connect after they’ve been added in AD?

I'm trying to reduce manual overhead and would like to implement this in a way that ensures user provisioning is as seamless as possible. If anyone has experience with this integration or knows of any official documentation that covers this process, I would appreciate your guidance.

Thanks in advance for your help!

2 Answers

AD integration is for authentication only. User provisioning is still done in the Amazon Connect console. There are APIs to create users if you want to automate provisioning, but that doesn't come "out of the box".

Workflow for a new user:

  1. Create a new user in Active Directory
  2. Create a new user in Amazon Connect with the same UPN (case sensitive)
  3. The user can log in without creating a password in Amazon Connect

1 Comment

Thanks for your answer. I have found out with AWS Support that it is possible to integrate AD and Amazon Connect with the SCIM protocol to automate user management. Basically, you can deploy an API Gateway endpoint (a SCIM endpoint on AWS) and share this info with AD. So, when you create a new user (or update or delete one) in AD, with the SCIM endpoint you can call API Gateway, which will invoke AWS Lambda to create, delete or update the user in Connect automatically. I hope it's clear.

There is a design pattern published for this. I haven't implemented it myself yet, so I can't speak on the nuance, but as advertised it does SCIM provisioning of users via Okta. The same concept could conceptually be applied to other tech stacks.

https://github.com/aws-samples/amazon-connect-user-provision-with-okta
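
The SCIM endpoint to Lambda to Connect flow described in the comment and answers above, as an added example for the create case only; it is not code from the original posts or from the aws-samples project. The `SCIM_TOKEN` environment variable, the placeholder IDs, the injectable `connect` argument and the API Gateway proxy event shape are assumptions.

```python
import hmac
import json
import os

# Assumed placeholders (not from the thread): use your own instance's IDs.
INSTANCE_ID = "INSTANCE-ID-PLACEHOLDER"
DEFAULT_ROUTING_PROFILE_ID = "ROUTING-PROFILE-ID-PLACEHOLDER"
DEFAULT_SECURITY_PROFILE_IDS = ["AGENT-SECURITY-PROFILE-ID-PLACEHOLDER"]


def token_ok(headers, expected_token):
    """Constant-time check of the bearer token the identity provider sends."""
    supplied = headers.get("authorization", "")
    return hmac.compare_digest(supplied.encode(), f"Bearer {expected_token}".encode())


def scim_to_create_user(scim_user):
    """Map a SCIM 2.0 User resource to keyword arguments for Connect CreateUser."""
    upn = scim_user.get("userName") if isinstance(scim_user, dict) else None
    if not isinstance(upn, str) or "@" not in upn or upn != upn.strip():
        raise ValueError("userName must be a UPN with no surrounding whitespace")
    name = scim_user.get("name")
    name = name if isinstance(name, dict) else {}
    return {
        "InstanceId": INSTANCE_ID,
        "Username": upn,  # unchanged: the UPN match with AD is case sensitive
        "IdentityInfo": {"FirstName": name.get("givenName", ""),
                         "LastName": name.get("familyName", "")},
        "PhoneConfig": {"PhoneType": "SOFT_PHONE"},
        # Profiles come from server-side defaults, never from the request body,
        # so a caller of the endpoint cannot assign itself a broader profile.
        "RoutingProfileId": DEFAULT_ROUTING_PROFILE_ID,
        "SecurityProfileIds": list(DEFAULT_SECURITY_PROFILE_IDS),
        # No Password key: the directory authenticates the user.
    }


def handler(event, context, connect=None):
    headers = {k.lower(): v for k, v in (event.get("headers") or {}).items()}
    if not token_ok(headers, os.environ["SCIM_TOKEN"]):  # assumed variable name
        return {"statusCode": 401, "body": ""}
    try:
        params = scim_to_create_user(json.loads(event.get("body") or "{}"))
    except ValueError:
        return {"statusCode": 400, "body": ""}
    if connect is None:
        import boto3  # imported lazily so the mapping can be exercised offline
        connect = boto3.client("connect")
    resp = connect.create_user(**params)
    return {"statusCode": 201, "body": json.dumps({"id": resp["UserId"]})}
```

The Lambda execution role only needs `connect:CreateUser` on the one instance for this path; update and delete would be separate handlers with their own permissions.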
