Menu
I have created a user pool and setup domain with app client settings () to host sign up and sign in pages in the cognito itself. When I tried using the url similar to -
https://myDomain.auth.us-east-1.amazoncognito.com/login?response_type=code&client_id=fkjfkasjfkasjfdweinfskfsfsfnk&redirect_uri=https://google.com
in the browser I am redirected to
https://myDomain.auth.us-east-1.amazoncognito.com/error?error=invalid_request#
Note: I tried using Cognito User Pool and Facebook identity providers without OAuth2 enabled.
Am I missing something?
790
Navigate to the App integration tab for your user pool. Next to Domain, choose Actions and select either Create custom domain or Create Cognito domain. If you have already configured a user pool domain, choose Delete Cognito domain or Delete custom domain before creating your new custom domain. Choose Create.
A callback URL indicates where the user will be redirected after a successful sign-in. Enter Sign out URL(s). A sign-out URL indicates where your user will be redirected after signing out. Select Authorization code grant to return an authorization code that is then exchanged for user pool tokens.
Short description. User pools are for authentication (identity verification). With a user pool, your app users can sign in through the user pool or federate through a third-party identity provider (IdP). Identity pools are for authorization (access control).
It works for me with following User Pool settings.
App integration
App client settings
Enabled Identity Providers
☑ Facebook ☑ Cognito User Pool
Callback URL(s)
https://google.com
OAuth 2.0
Allowed OAuth Flows
☑ Authorization code grant ☐ Implicit grant ☐ Client credentials
Allowed OAuth Scopes
☐ phone ☐ email ☑ openid ☐ aws.cognito.signin.user.admin ☐ profile
You're doing everything correct from what you've describe, but you should check the following,
Have you added https://google.com in App Client Setting as Callback URL?
Have you checked your Identity Provider in Enabled Identity Providers?
In Allowed OAuth Flows, you must have checked "Authorization Code Grant".
24
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
