Invalid Request when using Google with AWS VPN Client

phantom · March 26, 2021, 11:37am

I’ve added a new social connection to Google Apps. I can test this in the Try Connection and it works:

If you can see this page, it means that your connection works.

I have then connected this AWS IAM Identity Provider using the metadata xml file to population the entries. However, when I try to connect to AWS VPN Client which is using this Identity Provider I get the following error:

invalid_request: The SAML Request AssertionConsumerServiceURL is invalid: ‘http://127.0.0.1:35001’

What is going wrong and how can I fix it?

phantom · March 26, 2021, 4:09pm

Okay so I think I found the issue.

I had to add http://127.0.0.1:35001 to the Allowed Callback URLs in the application settings at auth0.

Now I get this error from the AWS VPN Client:

The credentials received were incorrect. Contact your IT administrator.

phantom · March 26, 2021, 4:38pm

So I solved it thanks to some posts already presented. I had to add custom SAML too.

Topic		Replies	Views
AWS SSO: The SAML Request AssertionConsumerServiceURL is invalid Help auth0 , login	11	5569	November 20, 2020
Help with configuration of AWS Client VPN with Saml Help saml , auth0 , login , aws , vpn	4	5663	December 2, 2020
Auth0 + AWS Identity Center SSO (for AWS CLI) Help sso , application	0	1648	January 22, 2023
Issue with AWS SAML Help	2	3242	August 26, 2019
Auth0 SSO for AWS service is not working Help auth0	2	3998	August 26, 2019

Invalid Request when using Google with AWS VPN Client

If you can see this page, it means that your connection works.

invalid_request: The SAML Request AssertionConsumerServiceURL is invalid: ‘http://127.0.0.1:35001’

The credentials received were incorrect. Contact your IT administrator.

Related topics