Sentry SAML2 with AWS SSO



I am using sentry 9.0 on-premise with the SAML-2 auth provider.
I try to set it up with Amazon’s AWS SSO service.

I created a new Application inside AWS SSO and downloaded the AWS SSO metadata. I pasted this metadata into the “Register Identity Provider” wizard part of sentry. Everything works fine. But then I notice that AWS requires the following Application metadata:

  • Application ACS URL
  • Application SAML audience

I queried the endpoint “saml/metadata//” and retrieved the ACS URL. However, I do not find the SAML audience.

Does someone know what the audience in this scenario is?
Did someone out here manage to get sentry’s SAML-2 authentication work with AWS SSO?

Best Regards,