Invalid Request when using Google with AWS VPN Client

phantom · March 26, 2021, 11:37am

I’ve added a new social connection to Google Apps. I can test this in the Try Connection and it works:

If you can see this page, it means that your connection works.

I have then connected this AWS IAM Identity Provider using the metadata xml file to population the entries. However, when I try to connect to AWS VPN Client which is using this Identity Provider I get the following error:

invalid_request: The SAML Request AssertionConsumerServiceURL is invalid: ‘http://127.0.0.1:35001’

What is going wrong and how can I fix it?

phantom · March 26, 2021, 4:09pm

Okay so I think I found the issue.

I had to add http://127.0.0.1:35001 to the Allowed Callback URLs in the application settings at auth0.

Now I get this error from the AWS VPN Client:

The credentials received were incorrect. Contact your IT administrator.

phantom · March 26, 2021, 4:38pm

So I solved it thanks to some posts already presented. I had to add custom SAML too.