enable_sso

enable_sso(**kwargs)

Enables single sign-on for a directory. Single sign-on allows users in your directory to access certain Amazon Web Services services from a computer joined to the directory without having to enter their credentials separately.

See also: AWS API Documentation

Request Syntax

response = client.enable_sso(
    DirectoryId='string',
    UserName='string',
    Password='string'
)
Parameters
  • DirectoryId (string) --

    [REQUIRED]

    The identifier of the directory for which to enable single-sign on.

  • UserName (string) --

    The username of an alternate account to use to enable single-sign on. This is only used for AD Connector directories. This account must have privileges to add a service principal name.

    If the AD Connector service account does not have privileges to add a service principal name, you can specify an alternate account with the UserName and Password parameters. These credentials are only used to enable single sign-on and are not stored by the service. The AD Connector service account is not changed.

  • Password (string) -- The password of an alternate account to use to enable single-sign on. This is only used for AD Connector directories. For more information, see the UserName parameter.
Return type

dict

Returns

Response Syntax

{}

Response Structure

  • (dict) --

    Contains the results of the EnableSso operation.

Exceptions

  • DirectoryService.Client.exceptions.EntityDoesNotExistException
  • DirectoryService.Client.exceptions.InsufficientPermissionsException
  • DirectoryService.Client.exceptions.AuthenticationFailedException
  • DirectoryService.Client.exceptions.ClientException
  • DirectoryService.Client.exceptions.ServiceException