Versent / saml2aws

CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
https://github.com/Versent/saml2aws
MIT License

Okta verify error request for url: https://xxx.okta.com/api/v1/authn failed status: 401 Unauthorized #1339

Closed 1money-blake-ding closed 2 months ago

1money-blake-ding commented 2 months ago

~ saml2aws login -a default --verbose
DEBU[0000] Running command=login
DEBU[0000] Check if creds exist. command=login
DEBU[0000] Expand name=/Users/xxjlddbsj/.aws/credentials pkg=awsconfig
DEBU[0000] resolveSymlink name=/Users/xxjlddbsj/.aws/credentials pkg=awsconfig
DEBU[0000] ensureConfigExists filename=/Users/xxjlddbsj/.aws/credentials pkg=awsconfig
Using IdP Account default to access Okta https://xxx.okta.com/home/amazon_aws/0oa1ra8anq5rBDvNe1d8/272
DEBU[0000] Get credentials helper=osxkeychain serverURL="https://xxx.okta.com/home/amazon_aws/0oa1ra8anq5rBDvNe1d8/272"
DEBU[0000] Get credentials helper=osxkeychain user=xxx@xxx
DEBU[0000] Get credentials helper=osxkeychain serverURL="https://xxx.okta.com/home/amazon_aws/0oa1ra8anq5rBDvNe1d8/272/sessionCookie"
DEBU[0000] Get credentials helper=osxkeychain user=xxx@xxx
To use saved password just hit enter.
? Username xxx@xxx.com
? Password

DEBU[0001] building provider command=login idpAccount="account {\n DisableSessions: false\n DisableRememberDevice: false\n URL: https://xxx.okta.com/home/amazon_aws/0oa1ra8anq5rBDvNe1d8/272\n Username: xxx@xxx\n Provider: Okta\n MFA: OKTA\n SkipVerify: false\n AmazonWebservicesURN: urn:amazon:webservices\n SessionDuration: 3600\n Profile: xxx\n RoleARN: \n Region: \n}"
DEBU[0001] okta | disableSessions: false provider=okta
DEBU[0001] okta | rememberDevice: true provider=okta
Authenticating as xxx@xxx.com ...
DEBU[0001] auth with session func called provider=okta
DEBU[0001] validate session func called provider=okta
DEBU[0001] HTTP Req URL="https://xxx.okta.com/api/v1/sessions/me" http=client method=GET
DEBU[0003] HTTP Res Status="200 OK" http=client
DEBU[0003] okta session established provider=okta
DEBU[0003] valid okta session provider=okta
DEBU[0003] HTTP Req URL="https://xxx.okta.com/home/amazon_aws/0oa1ra8anq5rBDvNe1d8/272" http=client method=GET
DEBU[0004] HTTP Res Status="200 OK" http=client
DEBU[0004] follow func called from auth with session func provider=okta
DEBU[0004] HTTP Req URL="https://xxx.okta.com/home/amazon_aws/0oa1ra8anq5rBDvNe1d8/272" http=client method=GET
DEBU[0006] HTTP Res Status="200 OK" http=client
DEBU[0006] HTTP Req URL="https://xxx.okta.com/home/amazon_aws/0oa1ra8anq5rBDvNe1d8/272" http=client method=GET
DEBU[0008] HTTP Res Status="200 OK" http=client
DEBU[0008] HTTP Req URL="https://xxx.okta.com/api/v1/authn" http=client method=POST
request for url: https://xxx.okta.com/api/v1/authn failed status: 401 Unauthorized
github.com/versent/saml2aws/v2/pkg/provider.SuccessOrRedirectResponseValidator
	github.com/versent/saml2aws/v2/pkg/provider/http.go:168
github.com/versent/saml2aws/v2/pkg/provider.(*HTTPClient).Do
	github.com/versent/saml2aws/v2/pkg/provider/http.go:113
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).primaryAuth
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:428
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).Authenticate
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:476
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).follow
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:569
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).authWithSession
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:337
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).Authenticate
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:465
github.com/versent/saml2aws/v2/cmd/saml2aws/commands.Login
	github.com/versent/saml2aws/v2/cmd/saml2aws/commands/login.go:107
main.main
	github.com/versent/saml2aws/v2/cmd/saml2aws/main.go:197
runtime.main
	runtime/proc.go:271
runtime.goexit
	runtime/asm_arm64.s:1222
error retrieving auth response
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).primaryAuth
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:430
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).Authenticate
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:476
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).follow
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:569
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).authWithSession
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:337
github.com/versent/saml2aws/v2/pkg/provider/okta.(*Client).Authenticate
	github.com/versent/saml2aws/v2/pkg/provider/okta/okta.go:465
github.com/versent/saml2aws/v2/cmd/saml2aws/commands.Login
	github.com/versent/saml2aws/v2/cmd/saml2aws/commands/login.go:107
main.main
	github.com/versent/saml2aws/v2/cmd/saml2aws/main.go:197
runtime.main
	runtime/proc.go:271
runtime.goexit
	runtime/asm_arm64.s:1222
Error authenticating to IdP.
github.com/versent/saml2aws/v2/cmd/saml2aws/commands.Login
	github.com/versent/saml2aws/v2/cmd/saml2aws/commands/login.go:109
main.main
	github.com/versent/saml2aws/v2/cmd/saml2aws/main.go:197
runtime.main
	runtime/proc.go:271
runtime.goexit
	runtime/asm_arm64.s:1222

.saml2aws file is

cat .saml2aws
[default]
name                    = default
app_id                  =
url                     = https://xxx.okta.com/home/amazon_aws/0oa1ra8anq5rBDvNe1d8/272
username                = xxx@xxx
provider                = Okta
mfa                     = OKTA
skip_verify             = false
timeout                 = 0
aws_urn                 = urn:amazon:webservices
aws_session_duration    = 3600
aws_profile             = saml
mfa_ip_address          =
resource_id             =
subdomain               =
role_arn                =
region                  =
http_attempts_count     =
http_retry_delay        =
credentials_file        =
saml_cache              = false
saml_cache_file         =
target_url              =
disable_remember_device = false
disable_sessions        = false
download_browser_driver = false
headless                = false
prompter                =
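As an added example (not saml2aws's own code), a small Go program that reads the `--verbose` log format shown above, pairs each `HTTP Req` line with the `HTTP Res` line or wrapped error that follows it, and reports the first exchange that is not 2xx/3xx. The sample log is constructed from the sequence in this issue: the `sessions/me` check succeeds, then the POST to `/api/v1/authn` is rejected with 401.

```go
package main
import (
	"fmt"
	"regexp"
	"strings"
)

// Exchange: one request from a `saml2aws login --verbose` log and the status that followed it ("" if none).
type Exchange struct{ Method, URL, Status string }
var (
	reqRe = regexp.MustCompile(`HTTP Req URL="([^"]+)" http=client method=(\S+)`)
	resRe = regexp.MustCompile(`HTTP Res Status="([^"]+)" http=client`)
	// Wrapped error of a request with no "HTTP Res" line; stops before a stack frame if the log was flattened.
	failRe = regexp.MustCompile(`request for url: (\S+) failed status: (\d{3}[^\n]*?)(?:\s+github\.com/|\s*$)`)
)
// ParseExchanges pairs each request line with the next response or failure line.
func ParseExchanges(log string) []Exchange {
	var exs []Exchange
	for _, line := range strings.Split(log, "\n") {
		if m := reqRe.FindStringSubmatch(line); m != nil {
			exs = append(exs, Exchange{Method: m[2], URL: m[1]})
		} else if n := len(exs); n > 0 && exs[n-1].Status == "" {
			if m := resRe.FindStringSubmatch(line); m != nil {
				exs[n-1].Status = m[1]
			} else if m := failRe.FindStringSubmatch(line); m != nil && m[1] == exs[n-1].URL {
				exs[n-1].Status = m[2]
			}
		}
	}
	return exs
}
// FirstFailure returns the first exchange that is not 2xx/3xx or got no response: where triage starts.
func FirstFailure(exs []Exchange) (Exchange, bool) {
	for _, e := range exs {
		if e.Status == "" || (e.Status[0] != '2' && e.Status[0] != '3') {
			return e, true
		}
	}
	return Exchange{}, false
}
// sampleLog is constructed from the issue: valid session check, then the authn POST whose error was flattened.
const sampleLog = `DEBU[0001] HTTP Req URL="https://xxx.okta.com/api/v1/sessions/me" http=client method=GET
DEBU[0003] HTTP Res Status="200 OK" http=client
DEBU[0008] HTTP Req URL="https://xxx.okta.com/api/v1/authn" http=client method=POST
request for url: https://xxx.okta.com/api/v1/authn failed status: 401 Unauthorized github.com/versent/saml2aws/v2/pkg/provider.SuccessOrRedirectResponseValidator`
func main() {
	e, _ := FirstFailure(ParseExchanges(sampleLog))
	fmt.Printf("first failure: %s %s -> %q\n", e.Method, e.URL, e.Status)
}
```

Run against the full log above it points at the POST to `/api/v1/authn`, which narrows triage to why password-based `primaryAuth` is still attempted and rejected after `sessions/me` reported a valid session.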