Entra-SSOยถ
TOCยถ
- Entra-SSO
- TOC
- Resolving "name: The attribute name is required" Error in AWS IAM Identity Center SSO Mapping
Resolving "name: The attribute name is required" Error in AWS IAM Identity Center SSO Mappingยถ
When syncing users from Microsoft Entra ID (formerly Azure AD) to AWS IAM Identity Center, you may encounter the error:
"name: The attribute name is required"
This issue occurs when the required user attributes are not properly mapped between Microsoft Entra ID and AWS IAM Identity Center. The most common cause is the absence of a mapping for the username attribute.
๐ ๏ธ Solution: Attribute Mapping Stepsยถ
Follow these steps to correctly map user attributes and resolve the error:
-
Access the AWS IAM Identity Center Application
- In the Microsoft Entra admin center, open the AWS IAM Identity Center application configured for SSO.
-
Navigate to Provisioning
- Go to the Provisioning section within the application settings.
-
Edit Attribute Mappings
- Locate the mapping for "Synchronize Azure Active Directory Users to AWS IAM Identity Center."
- Ensure the following attribute mappings are configured:
Source Attribute (Entra ID) Target Attribute (AWS) mailoruserPrincipalNameuserNamedisplayNamedisplayNamegivenNamename.givenNamesurnamename.familyNameChoosing the Username Attribute
You can use either
mailoruserPrincipalNameas the source for the AWSuserNameattribute, depending on your organization's preference. -
Save and Sync
- Save the changes to the attribute mappings.
- Initiate a manual sync or wait for the next scheduled sync.
Propagation Delay
Changes to attribute mappings may take several minutes to propagate. If users do not sync immediately, wait or trigger a manual sync.