Can't use saml2aws login, ends up with Authentication failure
Hi Team
I am not able to use saml2aws on Windows. While running saml2aws login I get the below error message. It would be great if someone can help.

    PS C:\temp> .\saml2aws.exe login
    Using IDP Account default to access ADFS https://siteurl/
    To use saved password just hit enter.
    ? Username [email protected]
    ? Password **********
    Authenticating as [email protected] ...
    error authenticating to IdP: error retrieving login response body: http: read on closed response body
I'm also facing the same issue on 2.15.0 on OSX. Reverting to 2.14.0 works.
This issue is fixed on the latest versions (Verified with 2.16.0).
I'm seeing this on 2.22.1. I can authenticate via browser but not via CLI.
Have you tried taking a look at the output we are scraping? This is how https://github.com/Versent/saml2aws#debugging-issues-with-idps
Cheers
Thanks @wolfeidau (next time rtfm, doh), that led me to be able to debug. Managed to resolve:
Interestingly enough, username={my email address} doesn't work, neither does username={my user id}. However username={domain}\{my user id} works - which I don't need when I connect through the browser.
For anyone having this in 2024, make sure the 2FA being used matches the same one configured in saml2aws, as it won't work when 2FA codes from another password manager are used. If the command doesn't ask for the codes, delete the passwords stored in the Apple keychain.
Closing as there is a workaround