1
votes


Last week I followed the steps in the "How to configure single federated login to AWS using Google Apps" tutorial, and everything went as expected. Yesterday (2016-12-12) I returned to the panel to use the "Users: patch" Google API to set up new roles for my users based on the Schema SSO created according to the tutorial, but I was not able to execute the request as I had done the previous week.

The following error message is displayed in the "Try this API" panel:

"Found array where value was expected"

Here is an example of the request body as defined in the tutorial (Note - in this example I am using placeholders for the values of the value and customType fields):

{
  "customSchemas": {
     "SSO": {
       "role": [
         {
          "value": "<my aws role ARN>,<my aws provider ARN>",
          "customType": "Developer"
         }
       ]
     }
   }
}

From what I understand the message is related to the role field. I would like to understand what changed from the previous week to yesterday and how should I configure the JSON for the "Users: patch" API according to the SSO Schema created the previous week?

2
It seems that the request body has been changed... your body should look like this one: { "customSchemas": { "SSO": { "value": "<my aws role ARN>,<my aws provider ARN>", "customType": "Developer" } } } - Hackerman
I just ran a test through the Users: Patch panel using the JSON body suggested by you and received a bad request (400) in response. From my point of view the bad request is correct, since the SSO schema that was created through the Schemas: insert panel in the tutorial defines the role property as an array of objects. - Daniel Martins
The problem appears to be related to the "Try this API" editor. The problem happens with any resource API. In the Users: list we can verify that the emails field is defined as an array of objects. But when trying to update the field in Users: Patch we received the same error message "found array where value was expected". - Daniel Martins
Did you know about the Postman app? Maybe if you build the request directly in Postman instead of using their Try this API endpoint... to me it looks like one Google developer fu**d up the validation on that part - Hackerman
Yes, I know. I just tried and it worked. This really is related to the "Try this API" panel of the Google Apps Admin SDK Directory API. Thank you for your help. - Daniel Martins

2 Answers

2
votes

I was able to get to the "Freeform" editor and make the changes using this URL instead of the one in the AWS documentation. I was having problems getting Postman to authenticate with Google, which made this easier.

0
votes

I had to make some slight changes for this to work.

  1. I followed the steps from this article (same article OP used)

  2. I used this URL to get to the freeform editor (same link as above answer)

  3. In step 4 of the article, which is the step before the question posted by OP above, I used 'SAML' as the schemaName rather than 'SSO'

  4. I then used 'SAML' as the customSchema name in the question above, rather than 'SSO' and repeated the process with different email addresses for other users

  5. Followed the rest of the article and FINALLY my SSO to AWS from G Suite works.
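The thread's resolution, as an added example that is not part of any post above: building the Users: patch body outside the "Try this API" panel, with `role` kept as an array, and checking a body against that shape before it is sent. The function names, the sample ARNs and the token are assumptions of this example; the schema name defaults to `SSO` as in the question and can be set to `SAML` as in the second answer.

```python
import json
import re
import urllib.parse
import urllib.request

# Shapes of the two ARNs joined by a comma in each role value. A comma inside
# the role name is rejected here because it would make the pair ambiguous.
ROLE_ARN = re.compile(r"arn:aws:iam::\d{12}:role/[\w+=.@/-]+")
PROVIDER_ARN = re.compile(r"arn:aws:iam::\d{12}:saml-provider/[\w.-]+")

def build_role_patch(mappings, schema_name="SSO"):
    """mappings: list of (custom_type, role_arn, provider_arn) tuples."""
    roles = []
    for custom_type, role_arn, provider_arn in mappings:
        if not ROLE_ARN.fullmatch(role_arn) or not PROVIDER_ARN.fullmatch(provider_arn):
            raise ValueError(f"malformed ARN for {custom_type!r}")
        roles.append({"value": f"{role_arn},{provider_arn}", "customType": custom_type})
    # 'role' is multi-valued in the schema, so it is always sent as an array.
    return {"customSchemas": {schema_name: {"role": roles}}}

def body_problems(body, schema_name="SSO"):
    """Return the reasons a body does not match the multi-valued schema."""
    schema = body.get("customSchemas", {}).get(schema_name)
    if not isinstance(schema, dict):
        return [f"customSchemas.{schema_name} is missing"]
    role = schema.get("role")
    if not isinstance(role, list):
        return ["'role' must be an array of objects"]
    return [f"role[{i}] needs 'value' and 'customType'"
            for i, r in enumerate(role)
            if not isinstance(r, dict) or not r.keys() >= {"value", "customType"}]

def patch_request(user_key, body, access_token):
    """Build (but do not send) the Users: patch call for one user."""
    url = ("https://admin.googleapis.com/admin/directory/v1/users/"
           + urllib.parse.quote(user_key))
    return urllib.request.Request(
        url, data=json.dumps(body).encode(), method="PATCH",
        headers={"Authorization": f"Bearer {access_token}",
                 "Content-Type": "application/json"})

if __name__ == "__main__":
    # Constructed sample values; the account id and names are placeholders.
    body = build_role_patch([("Developer",
                              "arn:aws:iam::123456789012:role/Developer",
                              "arn:aws:iam::123456789012:saml-provider/GoogleApps")])
    print(json.dumps(body, indent=2), body_problems(body))
```

Passing the returned request to `urllib.request.urlopen` sends it; the access token must come from an OAuth flow authorized for the Directory API.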