Menu
I'm using AWS Cognito UI for login using authorization code grant flow and successfully getting the authorization code. But getting an 405 method not allowed error when post request is made to oauth2/token endpoint via postman
The app client is setup in Cognito User Pool with app secret passing appclientid:appclientsecret as authorization in base64 encoding.
929
A token endpoint is an HTTP endpoint that micropub clients can use to obtain an access token given an authorization code.
You can request an access token for a custom scope from the token endpoint when, in the app client, the requested scope is enabled, you have configured a client secret, and you have allowed client_credentials grants. Required. The ID of an app client in your user pool.
Amazon Cognito requires that your redirect URI use HTTPS, except for http://localhost , which you can set as a callback URL for testing purposes. Amazon Cognito also supports app callback URLs such as myapp://example .
As stated in the documentation:
Content-Type Must always be 'application/x-www-form-urlencoded'.
Source: https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html
173
Use BasicAuth of Authentication and provide Username=client_id, Password=client_secret
Use POST method
Use Body = x-www-form-urlencoded
Dont forget to use State value in Body as well.
22
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
