AWS Security ChangesHomeSearch

AWS singlesignon medium security documentation change

Service: singlesignon · 2025-10-22 · Security-related medium

File: singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md

Summary

Added note about lack of SAML authentication request signature validation support

Security assessment

Explicitly documents a security limitation where IAM Identity Center cannot validate SAML request signatures, which could impact authentication integrity if not properly mitigated by customers.

Diff

diff --git a/singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md b/singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md
index 8d09b3839..d02eca08c 100644
--- a//singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md
+++ b//singlesignon/latest/userguide/customermanagedapps-saml2-oauth2.md
@@ -23,0 +24,4 @@ SAML 2.0 is an industry standard used for securely exchanging SAML assertions th
+###### Note
+
+IAM Identity Center does not support validating signatures of incoming SAML authentication requests from SAML applications.
+