Error with AWS SNS Push Notifications for MFA

Problem statement

After making an accidental deploy to our AWS configuration which changed the name of the AWS IAM user used for Push Notification, the following error message started to occur when users attempted to go through the Push Notification flow:

“Guardian - There was an error sending the push notification”

Additionally, the following error is in the tenant logs:

“Error sending SNS request: Invalid parameter: TargetArn Reason: No endpoint found for the target arn specified”

How can this error be resolved?

Cause

As the error message suggests, when the credentials were renamed, access to the original ARN was lost. As a result, the resource was not found and the error was returned.

Solution

Users enrolled in Push Notification will have to re-enroll to continue using that factor. Unfortunately, there is no way to update the SNS factor appropriately without the user re-enrolling.
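
To work out which users hit this error and therefore need to re-enroll, an exported tenant log can be scanned for the message quoted above. This is an added example, not code from the original article or the product; it assumes an export with one JSON object per line and hypothetical `user_id` and `date` fields, and the sample records are constructed.

```python
import json

# Error text quoted in the tenant-log excerpt on this page.
SNS_ERROR = "No endpoint found for the target arn specified"
_MSG = "Error sending SNS request: Invalid parameter: TargetArn Reason: " + SNS_ERROR

def _rec(date, description, user_id=None):
    """Build one constructed log line (field names are assumptions)."""
    rec = {"date": date, "description": description}
    if user_id:
        rec["user_id"] = user_id
    return json.dumps(rec)

# Constructed sample export: one JSON object per line, not real tenant data.
SAMPLE_LOG = "\n".join([
    _rec("2024-01-10T09:00:01Z", _MSG, "user-a"),
    _rec("2024-01-10T09:02:13Z", "Login succeeded", "user-b"),
    _rec("2024-01-10T09:05:40Z", _MSG, "user-a"),
    "truncated line: " + _MSG,           # damaged record, not valid JSON
    _rec("2024-01-10T09:07:02Z", _MSG, "user-c"),
    _rec("2024-01-10T09:08:00Z", _MSG),  # error with no user attached
])

def users_needing_reenrollment(log_text, user_field="user_id", date_field="date"):
    """Return (affected, unattributed): per-user hit counts with first/last
    timestamps, plus the number of matching lines that name no user."""
    affected, unattributed = {}, 0
    for line in log_text.splitlines():
        if SNS_ERROR not in line:
            continue
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            record = {}
        user = record.get(user_field) if isinstance(record, dict) else None
        if not user:
            unattributed += 1  # still counted so the gap is visible
            continue
        when = record.get(date_field, "")
        entry = affected.setdefault(user, {"count": 0, "first_seen": when, "last_seen": when})
        entry["count"] += 1
        # ISO 8601 UTC timestamps in one format sort correctly as strings.
        entry["first_seen"] = min(entry["first_seen"], when)
        entry["last_seen"] = max(entry["last_seen"], when)
    return affected, unattributed

if __name__ == "__main__":
    hits, orphans = users_needing_reenrollment(SAMPLE_LOG)
    for user, info in sorted(hits.items()):
        print(user, info["count"], info["first_seen"], info["last_seen"])
    print("matching lines without a user:", orphans)
```

A non-zero count of matching lines without a user means the list is incomplete and those records need manual review.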