When setting up the Amazon Web Services (AWS) Account Federation application using Security Assertion Markup Language (SAML) 2.0 from the Okta Integration Network (OIN), the following error message is returned when accessing the AWS application:

It's not you, it's us

We couldn't complete your request right now. Please try again later!

• Amazon Web Services (AWS)
• Account Federation
• Security Assertion Markup Language (SAML) 2.0

One known reason for the error message is that a value was inserted on the Okta side for the ACS URL (optional & only relevant to SAML SSO) field under the Sign on tab. 

• Per the SAML Setup Instructions under Step 4.1
  
  • Select the Environment Type from the dropdown menu. If the environment type is not listed, set the desired ACS URL in the ACS URL field. NOTE: The ACS URL field is optional; if the environment type is listed in the dropdown, there is no need to enter the ACS URL.
• Removing an ACS URL that might be populated has been seen to resolve the issue.