Hi,
I have followed these instructions to the letter, "Configure Amazon Web Services for Single Sign-On", but after logging in to Auth0 via the hosted login page I'm redirected to the AWS SAML login screen with the following error:
Specified provider doesn't exist (Service: AWSOpenIdDiscoveryService; Status Code: 400; Error Code: AuthSamlManifestNotFoundException; Request ID: c5933149-eb23-11e7-a7de-af9e87aed2c3) (Service: AWSSecurityTokenService; Status Code: 400; Error Code: InvalidIdentityToken; Request ID: c59183be-eb23-11e7-9c29-cb0b29977211). Please try again.
I have copied and pasted the ARN of the IdP directly from IAM into the appropriate rule function per the Auth0 instructions, like so:

```javascript
function (user, context, callback) {
  // "<role ARN>,<SAML provider ARN>" as required by the AWS Role attribute
  user.awsRole = 'arn:aws-us-gov:iam::redacted:role/auth0-admin-role,arn:aws-us-gov:iam::redacted:saml-provider/auth0SamlProvider';
  user.awsRoleSession = user.aws_id;
  context.samlConfiguration.mappings = {
    'https://aws.amazon.com/SAML/Attributes/Role': 'awsRole',
    'https://aws.amazon.com/SAML/Attributes/RoleSessionName': 'awsRoleSession'
  };
  callback(null, user, context);
}
```
I'm wondering now if this has something to do with us using an AWS GovCloud account, or if I've somehow managed to miss a step. Or maybe I'm misinterpreting the error message. Any help would be greatly appreciated. Thank you.
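A small sanity check for the two values the rule above puts into the AWS SAML attributes, as an added example (not from the original post or from Auth0's docs). It assumes only the documented attribute formats: Role is "role ARN,saml-provider ARN" with both ARNs in the same partition and account, and RoleSessionName is 2 to 64 characters from [a-zA-Z_0-9+=,.@-]; the account id below is a placeholder.

```javascript
// Parse "arn:partition:service:region:account:resource" into its parts.
function parseArn(arn) {
  const parts = arn.split(':');
  if (parts.length < 6 || parts[0] !== 'arn') return null;
  return { partition: parts[1], service: parts[2], account: parts[4], resource: parts.slice(5).join(':') };
}

// Return the problems found in a Role attribute value (empty array = looks OK).
function checkAwsRoleAttribute(value) {
  const problems = [];
  const pieces = (value || '').split(',');
  if (pieces.length !== 2) {
    return ['expected exactly two comma-separated ARNs (role, saml-provider)'];
  }
  const [role, provider] = pieces.map((p) => parseArn(p.trim()));
  if (!role || !provider) return ['one of the values is not a well-formed ARN'];
  if (role.service !== 'iam' || !role.resource.startsWith('role/')) {
    problems.push('first ARN must be an IAM role (arn:...:iam::account:role/...)');
  }
  if (provider.service !== 'iam' || !provider.resource.startsWith('saml-provider/')) {
    problems.push('second ARN must be an IAM SAML provider (arn:...:iam::account:saml-provider/...)');
  }
  if (role.partition !== provider.partition) {
    // e.g. a commercial "aws" provider ARN paired with an "aws-us-gov" role ARN
    problems.push(`partition mismatch: ${role.partition} vs ${provider.partition}`);
  }
  if (role.account !== provider.account) {
    problems.push(`account mismatch: ${role.account} vs ${provider.account}`);
  }
  return problems;
}

// RoleSessionName must be 2-64 chars from [a-zA-Z_0-9+=,.@-]; an undefined
// profile field (such as a missing user.aws_id) fails this check.
function checkRoleSessionName(name) {
  return typeof name === 'string' && /^[\w+=,.@-]{2,64}$/.test(name);
}

// Constructed sample values with a placeholder account id (not real ARNs).
const GOOD = 'arn:aws-us-gov:iam::123456789012:role/auth0-admin-role,' +
  'arn:aws-us-gov:iam::123456789012:saml-provider/auth0SamlProvider';
const MIXED = 'arn:aws-us-gov:iam::123456789012:role/auth0-admin-role,' +
  'arn:aws:iam::123456789012:saml-provider/auth0SamlProvider';
```

Running checkAwsRoleAttribute on the value your rule builds, and checkRoleSessionName on user.aws_id, inside the rule (logging the result with console.log) narrows the problem down to either the assertion contents or the provider configuration on the AWS side.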