AWS IAM announces support for encrypted SAML assertions

Today, AWS Identity and Access Management (IAM) announced support for encrypted SAML assertions. SAML is an open standard that many identity providers (IdPs) use for federated single sign-on (SSO), enabling users or applications in your company to log in to the AWS Management Console or call AWS API operations. You can now configure your identity provider to encrypt the SAML assertions that it sends to IAM. This ensures that your assertions are encrypted when passed through intermediaries (for example, the end user’s web browser). You can use the AWS IAM console, APIs, or CLI to configure SAML encryption for your identity providers that support encryption. Please refer to [IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html) and your identity provider’s product documentation for detailed configuration steps. This feature is available in all AWS commercial and AWS GovCloud (US) Regions. To learn more, please refer to [IAM documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html).