Using Firebase OpenID Connect provider as AWS IAM Identity Provider

Question

I get the following error while setting up Firebase as an AWS IAM Identity Provider using OpenID Connect.

We encountered the following errors while p

Answer 1

I contacted AWS support and they helped resolve the problem. Thanks to Shaun H @ AWS!

The solution to the problem is to use AWS CLI instead of AWS console to set up an OIDC provider.

I'm pasting relevant parts of Shaun's response below: 1.) Manually obtain and verify the thumbprint using the procedure described here[1].
"ThumbprintList" = "6040DB92306CC8BCEB31CACAC88D107430B16AFF"

2.) Create the OIDC identity provider using the AWS Cli [2]. For example: $ aws iam create-open-id-connect-provider --cli-input-json file://oidc.json Note - the format would be:
aud Audience Must be your Firebase project ID, the unique identifier for your Firebase project, which can be found in the URL of that project's console. iss Issuer Must be https://securetoken.google.com/<projectId>, where is the same project ID used for aud above.

Content for file://oidc.json: (replace with your Project ID)

{
    "Url": "https://securetoken.google.com/<Firebase Client ID>", 
    "ClientIDList": [ "<Firebase Client ID>" ], 
    "ThumbprintList": [ "6040DB92306CC8BCEB31CACAC88D107430B16AFF" ]
}

[1] http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html

[2] http://docs.aws.amazon.com/cli/latest/reference/iam/create-open-id-connect-provider.html