Open
Labels: bug (Something isn't working)
Description
Output of aws-sso version:
```
aws-sso version
AWS SSO CLI Version 2.0.3 -- Copyright 2021-2025 Aaron Turner
5c1f920359c675b7ac7e7efb2b7459553207287e (v2.0.3) built at 2025-05-29T15:11:31+0000
```
Describe the bug:
Running aws-sso login prompts for keyring authentication, then completes authentication via the browser successfully. Returning to the terminal, an error message is presented.
To Reproduce:
```
aws-sso login
# auth keyring
# complete process
# see error response in terminal
```
Expected behavior:
Ability to execute aws-sso exec successfully after authorizing
Desktop (please complete the following information):
- OS: Fedora 42 via UTM (using QEMU 9.x) on MacBook Pro M3 host
Additional context:
Here is the output when using trace log level.
```
$ aws-sso login --lines --level=trace --config=~/.config/aws-sso/config.yaml
WARN storage/keyring.go:222 unable to load keyring data error="The specified item could not be found in the keyring"
DEBUG sso/awssso.go:94 loading SSO retries=10 maxBackoff=5
DEBUG sso/awssso_auth.go:49 no CreateTokenResponse for token-response:Default
TRACE sso/awssso_auth.go:73 Authenticate urlAction=open browser=""
TRACE sso/awssso_auth.go:96 reauthenticate() storeKey=Default
TRACE sso/awssso_auth.go:152 registerClient()
TRACE sso/awssso_auth.go:154 Checking cache for RegisterClientData storeKey=Default
TRACE sso/awssso_auth.go:169 Registering new client with AWS SSO ClientName=aws-sso-cli ClientType=public
TRACE sso/awssso_auth.go:174 Registered new client with AWS SSO ClientId=REDACTED ClientSecretExpiresAt=1764502339
TRACE sso/awssso_auth.go:184 SaveRegisterClientData start storeKey=Default
ERROR sso/awssso_auth.go:187 unable to save RegisterClientData storeKey=Default error="Object does not exist at path “/”"
TRACE sso/awssso_auth.go:189 SaveRegisterClientData complete storeKey=Default
TRACE sso/awssso_auth.go:101 <- reauthenticate()
TRACE sso/awssso_auth.go:196 startDeviceAuthorization() storeKey=Default
DEBUG sso/awssso_auth.go:215 Created OIDC device code storeKey=Default expires=600
Verify this code in your browser: FZVF-GJXX
TRACE sso/awssso_auth.go:104 <- reauthenticate()
TRACE sso/awssso_auth.go:230 getDeviceAuthInfo()
TRACE sso/awssso_auth.go:117 <- reauthenticate()
INFO url/url.go:247 Opening URL browser="default browser"
INFO sso/awssso_auth.go:129 Waiting for SSO authentication...
TRACE sso/awssso_auth.go:246 createToken()
ERROR sso/awssso_auth.go:300 unable to save CreateTokenResponse error="Object does not exist at path “/”"
```
Contents of your config (~/.aws-sso/config.yaml or ~/.config/aws-sso/config.yaml):
```yaml
SSOConfig:
    Default:
        SSORegion: eu-west-1
        StartUrl: https://d-936744760e.awsapps.com/start
        AuthUrlAction: open
DefaultSSO: Default
DefaultRegion: us-east-1
ConsoleDuration: 720
CacheRefresh: 168
Threads: 5
MaxBackoff: 5
MaxRetry: 10
UrlAction: open
ConfigProfilesUrlAction: open
LogLevel: error
HistoryLimit: 10
HistoryMinutes: 1440
ProfileFormat: "{{ FirstItem .AccountName (.AccountAlias | nospace) }}:{{ .RoleName }}"
AccountPrimaryTag:
    - AccountName
    - AccountAlias
    - Email
PromptColors:
    descriptionbgcolor: Turquoise
    descriptiontextcolor: Black
    inputbgcolor: DefaultColor
    inputtextcolor: DefaultColor
    prefixbackgroundcolor: DefaultColor
    prefixtextcolor: Blue
    previewsuggestionbgcolor: DefaultColor
    previewsuggestiontextcolor: Green
    scrollbarbgcolor: Cyan
    scrollbarthumbcolor: LightGrey
    selecteddescriptionbgcolor: DarkGray
    selecteddescriptiontextcolor: White
    selectedsuggestionbgcolor: DarkGray
    selectedsuggestiontextcolor: White
    suggestionbgcolor: Cyan
    suggestiontextcolor: White
ListFields:
    - AccountIdPad
    - AccountAlias
    - RoleName
    - Profile
    - Expires
FullTextSearch: true
```
Did a restart of the instance and attempted aws-sso:
```
david@fedora:~/Projects$ aws-sso login --level=trace
WARN unable to load keyring data error="The specified item could not be found in the keyring"
DEBUG loading SSO retries=10 maxBackoff=5
DEBUG no CreateTokenResponse for token-response:Default
TRACE Authenticate urlAction=open browser=""
TRACE reauthenticate() storeKey=Default
TRACE registerClient()
TRACE Checking cache for RegisterClientData storeKey=Default
TRACE Registering new client with AWS SSO ClientName=aws-sso-cli ClientType=public
TRACE Registered new client with AWS SSO ClientId=REDACTED ClientSecretExpiresAt=1764242235
TRACE SaveRegisterClientData start storeKey=Default
TRACE SaveRegisterClientData complete storeKey=Default
TRACE <- reauthenticate()
TRACE startDeviceAuthorization() storeKey=Default
DEBUG Created OIDC device code storeKey=Default expires=600
Verify this code in your browser: VQQD-GJJH
TRACE <- reauthenticate()
TRACE getDeviceAuthInfo()
TRACE <- reauthenticate()
INFO Opening URL browser="default browser"
INFO Waiting for SSO authentication...
TRACE createToken()
david@fedora:~/Projects$ aws-sso login exec
> david@fedora:~/Projects$ aws-sso exec
Use <Up/Down Arrow> to highlight key/value and then <Space> to select.
Type `exit` or `Ctrl-D` to abort.
> AccountAlias worldline-gc-cicd-build-prod arn:aws:iam::891377244928:role/developerAdmin
david@fedora:~/Projects$ aws s3 ls
2024-05-19 22:02:43 aws-waf-logs-prd-toolbox-waf-logging-m590
2025-07-03 12:43:56 i2reports-prod-ap-south-1
2024-03-07 08:27:59 i2reports-prod-eu-west-1
2024-05-20 15:44:49 jenkins-conf...
```