AWS IAM Identity Center provisioning flow fails with the following error visible in the Okta dashboard:
An error occurred while provisioning AWS IAM Identity Center
Automatic provisioning of user to app AWS IAM Identity Center failed: Error while creating user: Conflict. Errors reported by remote server: Refused to create a new, duplicate resource.
- AWS IAM Identity Center
- Provisioning
- Error
The message "Errors reported by remote server: Refused to create a new, duplicate resource" is returned by the AWS API endpoint.
This error is generated because:
- The affected user has a misspelled username that was originally submitted from a different source of truth, and that account was disabled in AWS.
Or,
- The affected user already has an active account on the AWS side.
- Please open a support case with AWS Support. They can help investigate which conflict is actually causing the error for the affected user and delete that partial match in AWS.
- Afterward, attempt the user provisioning again. Go to the Okta Admin Console and navigate to Dashboard -> Tasks. Any failed assignments should appear under Tasks.
- After identifying the failed task for the user that should be retried, click Retry Selected.
- If the issue persists, contact AWS Support for more details and steps on how to resolve this error.
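
To gather evidence for the AWS support case, the following added example (not Okta or AWS code) scans an exported list of Identity Center users for records that may collide with the user Okta is trying to create. It assumes the export uses the `UserId`, `UserName` and `Emails` fields of an `aws identitystore list-users` response; the function name, the similarity threshold and the sample records are constructed for illustration.

```python
import difflib


def find_conflict_candidates(okta_user, aws_users, threshold=0.85):
    """Return (UserId, UserName, reason) for AWS records that may collide.

    okta_user: {"userName": ..., "email": ...} as assigned in Okta.
    aws_users: list of dicts shaped like identitystore user records (assumed).
    """
    want_name = okta_user["userName"].casefold()
    want_mail = okta_user["email"].casefold()
    hits = []
    for rec in aws_users:
        name = rec.get("UserName", "").casefold()
        mails = {e.get("Value", "").casefold() for e in rec.get("Emails", [])}
        if name == want_name:
            reason = "same username"  # an account already exists on the AWS side
        elif want_mail in mails:
            reason = "same email, different username"  # e.g. a misspelled username
        elif difflib.SequenceMatcher(None, name, want_name).ratio() >= threshold:
            reason = "similar username"  # near match worth reporting to AWS Support
        else:
            continue
        hits.append((rec["UserId"], rec["UserName"], reason))
    return hits


# Constructed sample export; the IDs are placeholders, not real identifiers.
AWS_USERS = [
    {"UserId": "id-0001", "UserName": "jon.smiht@example.com",
     "Emails": [{"Value": "john.smith@example.com"}]},
    {"UserId": "id-0002", "UserName": "Alice.Wong@example.com",
     "Emails": [{"Value": "alice.wong@example.com"}]},
    {"UserId": "id-0003", "UserName": "bob.lee@example.com",
     "Emails": [{"Value": "bob.lee@example.com"}]},
]

if __name__ == "__main__":
    user = {"userName": "john.smith@example.com", "email": "john.smith@example.com"}
    for user_id, user_name, reason in find_conflict_candidates(user, AWS_USERS):
        print(f"{user_id}\t{user_name}\t{reason}")
```

A hit is only a candidate: AWS Support still confirms which record causes the conflict and removes it.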
