From 5b487d7b9fc8971f2b2bf6152692591c4be3cd7b Mon Sep 17 00:00:00 2001
From: Mikael Knutsson <mikael.knutsson@gmail.com>
Date: Sat, 2 Nov 2019 01:29:22 +0800
Subject: [PATCH] Use regional endpoints for STS #225 (#242)

---
 lib/okta.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/okta.go b/lib/okta.go
index 96653a47..20b40390 100644
--- a/lib/okta.go
+++ b/lib/okta.go
@@ -218,7 +218,8 @@ func (o *OktaClient) AuthenticateProfileWithRegion(profileARN string, duration t
 	if region != "" {
 		log.Debugf("Using region: %s\n", region)
 		conf := &aws.Config{
-			Region: aws.String(region),
+			Region:   aws.String(region),
+			Endpoint: aws.String(fmt.Sprintf("https://sts.%s.amazonaws.com", region)),
 		}
 		samlSess = session.Must(session.NewSession(conf))
 	} else {
@@ -251,9 +252,8 @@ func (o *OktaClient) AuthenticateProfileWithRegion(profileARN string, duration t
 	return *samlResp.Credentials, sessionCookie, nil
 }
 
-
 func (o *OktaClient) AuthenticateProfile(profileARN string, duration time.Duration) (sts.Credentials, string, error) {
-    return o.AuthenticateProfileWithRegion(profileARN, duration, "")
+	return o.AuthenticateProfileWithRegion(profileARN, duration, "")
 }
 
 func selectMFADeviceFromConfig(o *OktaClient) (*OktaUserAuthnFactor, error) {