The error "Invalid SAML response received: Unable to contact the configured provider" signifies that Cognito is unable to establish a connection to the metadata endpoint of your SAML identity provider (IdP) through the provided metadata file/metadata URL.
Please check whether the metadata file/metadata URL has been updated for your SAML IdP, and also make sure that the SAML IdP metadata is publicly accessible through the metadata URL.
To troubleshoot this issue we require a HAR file, which is non-public information. Please open a support case with AWS using the following link and add your HAR log [1] for troubleshooting:
https://console.aws.amazon.com/support/home#/case/create
[1] https://repost.aws/knowledge-center/support-case-browser-har-file
Thanks for the insight @Vinay. I talked to the customer, and in principle their IdP metadata URL is valid and there is no firewall rule blocking it from being accessed online. So it must be something wrong in the Cognito implementation. I hope you can escalate this to the Cognito team to validate whether there is something wrong in the implementation.
In the meantime, to fix this issue and not block users' capacity to SSO into our Cognito instance, I changed the configuration from using URL metadata to using file metadata. I basically downloaded the file manually and uploaded it to Cognito. Now the SSO is working again.