Obtaining 'base64-token' from Auth0 as Identity Provider

Hello Auth0 community!

I have spend a long time trying to setup Auth0 as identity provider t access AWS resources. But either my understanding is not enough or the documents are not enough.

Here is the problem, I use Auth0 for authentication for my server-less application. I use AWS for backend.

First I used a custom authorizer to access private API calls. This part was easy. Next I have to find a way to get temporary credentials from AWS STS so that users can upload pictures in S3.

From what I understood, first I should setup Auth0 as Identity provider and AWS as service provider. The same scenario as enabling SSO. Since inly articles about enabling SSO are available, I followed the article and could setup the SSO. ( Configure Amazon Web Services for Single Sign-On )

Now that AWS is Service provider and Auth0 is IdP, I should somehow be able to programmatically get the temporary access key and secret from AWS. There is no clear article about this.

If I want to send a request to AWS STS, I would need a base64-token provided by IdP. I can’t find a way to get that code:

AWS.config.credentials = new AWS.SAMLCredentials({
  RoleArn: 'arn:aws:iam::1234567890:role/SAMLRole',
  PrincipalArn: 'arn:aws:iam::1234567890:role/SAMLPrincipal',
 SAMLAssertion: 'base64-token', // base64-encoded token from IdP
});

Also, when I use lock to login, the returned access_token doesn’t contain SAML configurations.

If no one has a clue about this maybe it’s not possible to use Auth0 with AWS. I will change to using Google Auth directly. Hope to make this work for Auth0 in future.

Hey there @armanfatahi, I apologize for the delay in response. I wanted to reach out to see if you were able to get everything setup that need you needed to. If not, I am happy to help with any questions you may have. Also we have the following docs working with AWS Integrations.

I also found this on Amazon’s side of things:

Thanks!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.