The security team at Global Dynamics has set up SAML 2.0 federation between their Active Directory and AWS, but only the architect can access AWS, not the test users. Which items should the solutions architect check to ensure identity federation is properly configured? (Choose three.)