No OpenIDConnect provider found in your account



I am trying to set up integration with Azure but am receiving the following error:

<ErrorResponse xmlns="">
    <Message>No OpenIDConnect provider found in your account for<REMOVED_FOR_FORUM_POST>/v2.0/</Message>

I am just making a simple cURL call:  
_curl "<MY_TENANT_ID>:role/AWS-TEST-OIDC-AZURE&WebIdentityToken=<THE_TOKEN_PROVIDED>&Version=2011-06-15"_  
I have followed the instructions posted at (and the pages surrounding it).  
The OIDC provider is correctly set up, the role is correctly set up, the role is correctly defined.  
See also RequestID 5e2a5284-0aaa-11e8-8b03-53c6fa7390a4, which is with an alternate config but still does not work.  
Edited by: devrandom on Feb 5, 2018 7:29 PM
asked 5 years ago, 1982 views
1 Answer

I had the same problem and it was difficult to troubleshoot. My problem appears to have been leaving a trailing slash in the OIDC provider URL as part of the identity provider setup.

not working:

Changing the trust policy to include the trailing slash did not fix the issue either - the only way I could solve this issue was to delete the OIDC provider and re-create it without the trailing slash.

The exact error message I was seeing:
InvalidIdentityTokenException: An error occurred (InvalidIdentityToken) when calling the AssumeRoleWithWebIdentity operation: No OpenIDConnect provider found in your account for <provider>

The hint was the error message did not display the trailing slash no matter what was in the trust policy.

answered 5 years ago
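
A way to check for the mismatch described in the answer above before calling AssumeRoleWithWebIdentity, as an added example that is not part of the original question or answer. It assumes the token's `iss` claim must equal the registered provider URL exactly, as the answer's experience suggests; the function names, issuer and provider URLs are hypothetical and the sample data is constructed.

```python
import base64
import json

def jwt_issuer(token):
    """Return the `iss` claim of a compact JWT (signature NOT verified: diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))["iss"]

def strip_scheme(url):
    """Drop a leading scheme so URLs compare the same with or without https://."""
    return url.split("://", 1)[-1]

def diagnose(token, registered_urls):
    """Return (status, url): 'match', 'trailing-slash-mismatch' or 'no-provider'."""
    issuer = strip_scheme(jwt_issuer(token))
    near = None
    for url in registered_urls:
        registered = strip_scheme(url)
        if registered == issuer:
            return ("match", url)
        # Same URL apart from a trailing slash: the case from the answer above.
        if near is None and registered.rstrip("/") == issuer.rstrip("/"):
            near = url
    return ("trailing-slash-mismatch", near) if near else ("no-provider", None)

def make_sample_token(claims):
    """Build an unsigned, constructed JWT so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "constructed-signature"])

# Constructed sample data: hypothetical issuer and provider URLs as registered in IAM.
SAMPLE_TOKEN = make_sample_token({"iss": "https://idp.example.com/tenant-0000/v2.0"})
SAMPLE_URLS = ["other.example.com", "idp.example.com/tenant-0000/v2.0/"]

if __name__ == "__main__":
    print(diagnose(SAMPLE_TOKEN, SAMPLE_URLS))
```

The decoded payload is used only to read `iss`; treat the token itself as a credential and keep it out of logs and forum posts.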
