I was attempting to follow https://support.google.com/a/answer/6194963 and https://aws.amazon.com/blogs/security/how-to-set-up-federated-single-sign-on-to-aws-using-google-apps/ to set up SSO from a G Suite account to an AWS account. The AWS documentation was a little outdated on the google end ( so was Google’s ) but I eventually got it going. But the thing that gave me the most issue was the error ‘not_a_saml_app’ from Google when following the App link to my newly configured Saml app.

I did some sleuthing and could only come up with one reference to this issue, https://productforums.google.com/forum/#!topic/apps/J1ek7VY1FzA;context-place=forum/Apps. The thread is locked and it doesn’t offer a solution, but it suggests talking to Google Suite support, which I did. The tech on the other end of the chat didn’t know what it meant either, but I had noticed I got the same error if I changed the Saml App ID in the URL to a bogus but valid-looking value ( like adding a number). This made me hypothesize that the problem was a lag in distributing the settings on Google’s end.

Sure enough, this error disappeared within a few hours. I hope this page can help someone else in the same position.