Invalid Request when using Google with AWS VPN Client

I’ve added a new social connection to Google Apps. I can test this in the Try Connection and it works:

If you can see this page, it means that your connection works.

I have then connected this AWS IAM Identity Provider using the metadata xml file to population the entries. However, when I try to connect to AWS VPN Client which is using this Identity Provider I get the following error:

invalid_request: The SAML Request AssertionConsumerServiceURL is invalid: ‘http://127.0.0.1:35001

What is going wrong and how can I fix it?

Okay so I think I found the issue.

I had to add http://127.0.0.1:35001 to the Allowed Callback URLs in the application settings at auth0.

Now I get this error from the AWS VPN Client:

The credentials received were incorrect. Contact your IT administrator.

So I solved it thanks to some posts already presented. I had to add custom SAML too.