"It's not you, it's us" with Okta as IdP for AWS SSO


After trying to access AWS account via Okta, users are getting the "It's not you, it's us We couldn't complete your request right now. Please try again later." message. It's been occurring for more than a week. Integration was configured by following this guide: https://docs.aws.amazon.com/singlesignon/latest/userguide/okta-idp.html and previously worked fine with another AWS account.

asked 7 months ago452 views
1 Answer

Check cloudtrail for this API call: ExternalIdPDirectoryLogin

The common reasons for this error are

  • Clock skew
  • mismatch in the saml xml file between idp and sp
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions