AWS Security ChangesHomeSearch

AWS singlesignon documentation change

Service: singlesignon · 2025-10-16 · Documentation low

File: singlesignon/latest/userguide/manage-your-identity-source-considerations.md

Summary

Updated documentation links to use more descriptive titles (e.g., changed 'Authentication in IAM Identity Center' to 'Understanding authentication sessions...') and simplified section references (e.g., 'Connect to a Microsoft AD directory' → 'Microsoft AD directory').

Security assessment

The changes are purely editorial improvements to link text and section references. While the content discusses user session persistence after deletion/disablement, this behavior was already documented, and the updates do not introduce new security guidance or address a specific vulnerability.

Diff

diff --git a/singlesignon/latest/userguide/manage-your-identity-source-considerations.md b/singlesignon/latest/userguide/manage-your-identity-source-considerations.md
index fdd7cc06c..eacd983a0 100644
--- a//singlesignon/latest/userguide/manage-your-identity-source-considerations.md
+++ b//singlesignon/latest/userguide/manage-your-identity-source-considerations.md
@@ -42 +42 @@ If you choose to not use Active Directory, you must create your users and groups
-  * If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Authentication in IAM Identity Center](./authconcept.html).
+  * If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Understanding authentication sessions in IAM Identity Center](./authconcept.html).
@@ -47 +47 @@ If you choose to not use Active Directory, you must create your users and groups
-For information about how IAM Identity Center provisions users and groups, see [Connect to a Microsoft AD directory](./manage-your-identity-source-ad.html).
+For information about how IAM Identity Center provisions users and groups, see [Microsoft AD directory](./manage-your-identity-source-ad.html).
@@ -63 +63 @@ If you change your identity source from IAM Identity Center to an external ident
-If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Authentication in IAM Identity Center](./authconcept.html).
+If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Understanding authentication sessions in IAM Identity Center](./authconcept.html).
@@ -72 +72 @@ You cannot revoke user sessions from the IAM Identity Center console after you'v
-For information about how IAM Identity Center provisions users and groups, see [Manage an external identity provider](./manage-your-identity-source-idp.html).
+For information about how IAM Identity Center provisions users and groups, see [External identity providers](./manage-your-identity-source-idp.html).
@@ -84 +84 @@ If you change your identity source from an external identity provider (IdP) to I
-If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Authentication in IAM Identity Center](./authconcept.html).
+If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Understanding authentication sessions in IAM Identity Center](./authconcept.html).
@@ -93 +93 @@ You will not be able to revoke user sessions from the IAM Identity Center consol
-For information about how IAM Identity Center provisions users and groups, see [Manage identities in IAM Identity Center](./manage-your-identity-source-sso.html).
+For information about how IAM Identity Center provisions users and groups, see [Manage users in the Identity Center directory](./manage-your-identity-source-sso.html).
@@ -107 +107 @@ These assertions must match the user names in IAM Identity Center when your user
-If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Authentication in IAM Identity Center](./authconcept.html).
+If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Understanding authentication sessions in IAM Identity Center](./authconcept.html).
@@ -116 +116 @@ You cannot revoke user sessions from the IAM Identity Center console after you'v
-For information about how IAM Identity Center provisions users and groups, see [Manage an external identity provider](./manage-your-identity-source-idp.html).
+For information about how IAM Identity Center provisions users and groups, see [External identity providers](./manage-your-identity-source-idp.html).
@@ -128 +128 @@ If you change your identity source from an external IdP to Active Directory, or
-  * If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Authentication in IAM Identity Center](./authconcept.html).
+  * If users are deleted or disabled in the IAM Identity Center console using Identity Store APIs, users with active sessions can continue to access integrated applications and accounts. For information about authentication session duration and user behavior, see [Understanding authentication sessions in IAM Identity Center](./authconcept.html).
@@ -133 +133 @@ If you change your identity source from an external IdP to Active Directory, or
-For information about how IAM Identity Center provisions users and groups, see [Connect to a Microsoft AD directory](./manage-your-identity-source-ad.html).
+For information about how IAM Identity Center provisions users and groups, see [Microsoft AD directory](./manage-your-identity-source-ad.html).