Maybe this question is not appropriate for this forum, but I guess I’ll try my luck=)
We are trying out Keycloak and would like to integrate it with AWS IAM. We have followed the instructions (best described here). We are unable to get it work: we are always getting a “Your request included an invalid SAML response” from Amazon. Their documentation does not give much information, and the assumptions they list for valid SAML we do fulfill. We are at a loss here since we can’t really find anything else on the Internet to guide us. Has anyone else had the same?
Did you ever managed to solve this and if so what was cause? I’m experiencing the same & followed same article, I only did few differences that are not working as stated in that article. Thing I noticed in SAML response is that when I create
Role list all relam roles are being mapped as Role attributes (which I don’t want). I’m still not sure if that is main issue.
Hi! No, I’m sorry to say that we’ve ended up giving up on the issue for now since we were just examining Keycloak for possible future use. We probably will use Keycloak indeed, but I don’t know if we will be using it with AWS and how soon. In any case, it would be great to have this solved, but at the moment I can’t add anything here=(.
Hi, thanks on response! I’ve managed to solve my issue, problem was indeed in incorrect SAML Role Attributes. Issue is described SAML response Role Attribute containing (unexpected?) AttributeValue roles.