Skip to main content

Get Support
Have a question? Let's get you an answer!

How Do I...? Troubleshooting Code & Webhooks Developer Zone

Other Help Resources
Wait, there's more! Check out these Community sourced spaces for additional resources.

Zapier Help Center Hire an Expert

Learning Resources
All of our best learning resources can be found here.

Featured Articles Show & Tell Zapier's products AI Hub Zapier Tools Hub

Share your knowledge
Give back to the Community by sharing your automation wins and helping to answer questions.

Share your success See unanswered questions User Groups

Other Learning Resources
Some of our favorite additional ways to upskill your Zapier knowledge.

Zapier Learn Zapier Blog Zapier Webinars

Product Updates
Check out what is new and upcoming with Zapier with our regular product updates.

Product Updates

Early Access Program
Want to join Early Access? Learn more here.

Question

AWS IAM Identity Center (AWS SSO) + Zapier SAML SSO: Stuck on “No access” — Email mapping field URL / attribute mapping help

  • March 6, 2026
  • 1 reply
  • 17 views
V

Hi community!

Has anyone been able to configure SSO with AWS IAM Identity Center? I’ve been trying for two days and I can’t get past the “No access” error. I’ve already confirmed that the user (with the same email address) exists in both Identity Center and Zapier. I also verified that the Entity ID, SSO URL, and the Identity Provider Single Logout URL are correct, and that the user in Identity Center has access to the app—but nothing works.

I suspect the issue is with attribute mapping because Zapier asks for an “Email mapping field URL,” but in the XML for the SAML assertion generated by IAM Identity Center I don’t see any URL associated with saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" that I could use. I’ve tried everything from emailAddress, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, and saml2:NameID, and I still get the same error.

If anyone has managed to get this working, could you point me in the right direction on how to configure it correctly?

Best regards!

    1 reply

    朝勇AI创富系统

    For the "Unreachable" error you encounter in your AWS IAM Identity Center (formerly known as AWS SSO) integration with Zapier, as well as SAML attribute mapping concerns, here are some suggestions and troubleshooting directions that may help resolve the issue:Confirm Zapier's SAML attribute mapping requirements:Zapier usually requires a specific attribute (e.g., email, NameID, etc.) to be passed in the SAML assertion to identify the user. According to the official documentation, Zapier's SSO usually checks the email address field in the assertion, and most commonly by passing the email address in email format.saml2:NameIDCheck and configure the attribute mapping of IAM Identity Center:AWS IAM Identity Center passes standard SAML attributes by default, but sometimes you need to explicitly specify which attributes to pass in the Attribute Mapping section.Go to the IAM Identity Center console, find the Zapier application you configured, go to the Attribute Mapping or User Attributes configuration, and make sure that

    张总: 🎖☎️86+15077449968 💌zhang168801@qq.com
    Terms & ConditionsAccessibility statement