Using the Browser SSO OIDC Credentials Provider for IAM Identity Center

You can configure the connector to authenticate the connection using credentials obtained through the Browser SSO OIDC credentials provider for AWS IAM Identity Center. To do this, you must specify information related to your AWS IAM Identity Center instance, such as the Region, Start URL, Account ID, and Role Name.

To configure authentication using Browser SSO OIDC in Windows:

1. To access authentication options, open the ODBC Data Source Administrator where you created the DSN, then select the DSN, click Configure, and then click Authentication Options.
2. From the Authentication Type drop-down list, select BrowserSSOOIDC.
3. In the SSO Region field, type the AWS Region where your AWS IAM Identity Center instance is configured.
4. In the SSO Start URL field, type the AWS access portal URL for your AWS IAM Identity Center instance. You can find this value in the AWS IAM Identity Center console.
5. In the Account ID field, type the AWS account ID assigned to your AWS IAM Identity Center user.
6. In the Role Name field, type the role name (permission set) that you want to assume once authenticated through AWS IAM Identity Center.
   This role name must match a permission set assigned to your AWS IAM Identity Center user for the selected AWS account.
7. Optionally, in the Timeout (sec) field, type the maximum amount of time, in seconds, that the connector should wait while polling AWS IAM Identity Center to complete the device authorization flow.
8. To save your settings and close the Authentication Optiions dialog box, click OK.