Auth0 assume AWS IAM role to launch AppStream 2.0


I’m looking for some help on configuring Auth0 to assume an AWS IAM role and call an AppStream 2.0 URL, which is to launch a new session.

I can configure Auth0 and AWS SSO to integrate, so that an IdP-initiated login from Auth0 will bounce me to an authenticated/authorised SSO session, where I then publish an application to launch AppStream 2.0. The relay state in this case is https://appstream2.[aws region code][aws appstream stack name]&accountId=[aws account number]

There are some specifics about the AWS IAM SAML provider ARN and role ARN that are asserted in the SAML request, which I gather I do via a rule, but I just can’t seem to get it to work. In truth, I can’t even get an Auth0 IdP-initiated login to the AWS console via the guide in the Auth0 docs, so wondered if someone has done this or knows?
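
The rule mentioned above, sketched as an added example that is not part of the original post: AWS reads the role from the SAML attribute `https://aws.amazon.com/SAML/Attributes/Role`, whose value is the role ARN and the SAML provider ARN joined by a comma, plus a `RoleSessionName` attribute. The account ID, role name, provider name and the helper names `buildAwsRoleValue`, `sessionName` and `awsSamlRule` are constructed placeholders.

```javascript
// Added example. ARNs below are constructed placeholders, not values from the post.
const ROLE_ARN = 'arn:aws:iam::111122223333:role/ExampleAppStreamRole';
const PROVIDER_ARN = 'arn:aws:iam::111122223333:saml-provider/ExampleAuth0';

const ROLE_ATTR = 'https://aws.amazon.com/SAML/Attributes/Role';
const SESSION_ATTR = 'https://aws.amazon.com/SAML/Attributes/RoleSessionName';

// Build the Role attribute value "<role ARN>,<SAML provider ARN>".
// Rejects swapped or malformed ARNs so the mistake surfaces in the rule,
// not as an opaque error on the AWS sign-in page.
function buildAwsRoleValue(roleArn, providerArn) {
  if (!/^arn:aws:iam::\d{12}:role\/[\w+=,.@\/-]+$/.test(roleArn)) {
    throw new Error('not an IAM role ARN: ' + roleArn);
  }
  if (!/^arn:aws:iam::\d{12}:saml-provider\/[\w.-]+$/.test(providerArn)) {
    throw new Error('not an IAM SAML provider ARN: ' + providerArn);
  }
  return roleArn + ',' + providerArn;
}

// RoleSessionName must be 2-64 characters from [A-Za-z0-9_+=,.@-].
function sessionName(raw) {
  const name = String(raw || '').replace(/[^\w+=,.@-]/g, '-').slice(0, 64);
  if (name.length < 2) throw new Error('RoleSessionName too short');
  return name;
}

// Auth0 rule shape: function (user, context, callback).
function awsSamlRule(user, context, callback) {
  try {
    user.awsRole = buildAwsRoleValue(ROLE_ARN, PROVIDER_ARN);
    user.awsRoleSession = sessionName(user.email || user.name);
  } catch (err) {
    return callback(err);
  }
  // Map the SAML attribute names AWS expects onto the user properties set above.
  context.samlConfiguration = context.samlConfiguration || {};
  context.samlConfiguration.mappings = {
    [ROLE_ATTR]: 'awsRole',
    [SESSION_ATTR]: 'awsRoleSession',
  };
  return callback(null, user, context);
}
```

In the Auth0 rule editor a rule is a single function, so the two helpers and the constants would sit inside its body.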