saml2aws
saml2aws breaks when a valid 'default' profile is missing
Sorry if this is a dupe
Problem
saml2aws requires a valid default profile in the ~/.saml2aws config. If a valid default config section is not found, the program exits with an error message.
What should I expect to see?
saml2aws should work without a default profile defined in the ~/.saml2aws config file.
Error
error building login details: failed to validate account: URL empty in idp account
Config
For right now, I have a dummy config in place for default.
For my use case, I have to operate in many AWS accounts across many Okta accounts so the default profile does not suit my needs, which is why I initially chose to omit it.
[default]
app_id =
url = https://google.com
username = brandon.catubig
provider = Okta
mfa = PUSH
skip_verify = false
timeout = 0
aws_urn = urn:amazon:webservices
aws_session_duration = 3600
aws_profile = default
resource_id =
subdomain =
role_arn =
region =
http_attempts_count =
http_retry_delay =
I've actually just spent the better part of 2 hours scratching my head looking at profiles in .saml2aws config across multiple IDPs trying to figure this out and I've just come across this.
Thanks for letting me know, I'm not crazy.
Commenting on an old closed ticket:
I hit this same error and found command line order matters.
In WSL2 Ubuntu and macOS using saml2aws 2.35.0,
saml2aws login -a myprofile
generated the "URL empty in idp account" message,
whereas:
saml2aws -a myprofile login
functions perfectly.
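
A pre-flight check for the situation in this thread, as an added example that is not part of the issue, its comments, or saml2aws itself: it reports whether the profile you intend to use and the default section each exist with a non-empty url. It assumes ~/.saml2aws is INI-style as in the config posted above and treats "valid" as only the non-empty url that the error message names; the profile names and URLs in the sample are constructed.

```python
import configparser

# Constructed sample in the same layout as the config posted above:
# no [default] section, one usable profile, one with an empty url.
SAMPLE = """\
[okta-prod]
url = https://example.okta.com/home/amazon_aws/placeholder
username = alice
provider = Okta
aws_profile = prod

[okta-dev]
url =
username = alice
provider = Okta
aws_profile = dev
"""


def audit(config_text, profile):
    """Return (section, problem) findings for `profile` and for 'default'.

    'Valid' means only what the reported error names: a non-empty url.
    """
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(config_text)
    findings = []
    # Check the requested profile first, then default, without duplicates.
    for name in dict.fromkeys([profile, "default"]):
        if not cfg.has_section(name):
            findings.append((name, "section missing"))
        elif not cfg.get(name, "url", fallback="").strip():
            findings.append((name, "url empty"))
    return findings


if __name__ == "__main__":
    import os
    import sys

    # Use the real config when present, otherwise the constructed sample.
    path = os.path.expanduser("~/.saml2aws")
    text = open(path).read() if os.path.exists(path) else SAMPLE
    profile = sys.argv[1] if len(sys.argv) > 1 else "okta-prod"
    for name, problem in audit(text, profile):
        print(f"[{name}] {problem}")
```

An empty result means both sections pass this one check; it says nothing about whether the url points at the right IdP.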