add another attribute with name "https://aws.amazon.com/SAML/Attributes/Role", type: String, Property Type: Static Value, Value: text that you are storing in text file 2.11. For example, arn:aws:iam::00000000:saml-provider/OpenIAM,arn:aws:iam::00000000:role/OpenIAM
3 Test User
3.1 Go to webconsole User Admin → Create new User
3.2 Fill the form with required fields. as a login select User name of account that exist in your AWS IAM. Select AWS SSO Provider role in Access Rules section. Save the user. Logout from OpenIAM.
3.3 Login with Test User. (default password is Password$51) to selfservice.
3.4 Navigate to My Applications. and Click AWS IDP. If you did all correct you will be signed in to AWS console.