AWS SSO as Enterprise SAML Connection

adam7 · May 1, 2020, 4:25pm

Hi,

I would like to configure AWS SSO as an Enterprise SAML Connection for one of our customers. I tried to cobble together the proper configuration by stealing bits of the examples here SAML Configuration but I have not been able to get it working yet.

Currently, clicking “Test” on my SAML Connection redirects to AWS SSO but then I get an error “Missing nameId format of subject”.

Do you have an example of configuring AWS SSO as an Enterprise SAML Connection?

Just to be clear, I’m not trying to configure Auth0 as my AWS IdP, so this document does not apply

adam7 · May 1, 2020, 4:48pm

Here is some more information on what I tried:

In AWS SSO:

configured a new application
set the Application ACS URL to https://<AUTH0 TENANT>.auth0.com/login/callback
set the Application SAML audience to urn:auth0:<AUTH0 TENANT>:<AUTH0 CONNECTION NAME>
download the cert
assign a user

In Auth0:

configured an Enterprise SAML Connection
choose IdP domains
uploaded the cert, pasted the Sign In and Sign Out URLs from AWS SSO