 

Cognito - Client is not enabled for OAuth2.0 flows

I've successfully set up an AWS Cognito environment that runs on Localhost following this tutorial.

For the next step, I published the app to my external web server. I confirmed that the Cognito configuration (i.e. Client ID, Metadata Address, Region, etc.) is correct. However, when I access the newly published public site and try to sign in, I receive the following error: "Client is not enabled for OAuth2.0 flows."

[screenshot: Client is not enabled for OAuth2.0 flows]

EDIT:

Here are my App Client Settings

[screenshot: App Client Settings]

I would like help with what I should look into in the AWS Cognito config or the Server config settings. The server is NOT using a load balancer. I believe the issue may lie somewhere in the Reverse Proxy or HTTPS settings.

objectively C asked Feb 13 '20 13:02


People also ask

Does AWS Cognito support oauth2?

In addition to using the Amazon Cognito-specific user APIs to authenticate users, Amazon Cognito user pools also support the OAuth 2.0 authorization framework for authenticating users.

How do I find my Cognito client ID?

The User Pool Client ID is shown in the Amazon Cognito User Pools console under App Clients. Create an App Client if one does not already exist. Leave "Generate client secret" unchecked only for public clients (browser SPAs, mobile apps) that cannot protect a secret; a server-side web application can keep a client secret and present it at the token endpoint.

What is a Cognito user pool client?

A User Pool Client resource represents an Amazon Cognito User Pool Client, which provides a way to issue the authentication tokens used to authorize a user for an application. Configuring a User Pool Client and connecting it to a User Pool generates a User Pool client ID.


2 Answers

I have seen this issue before. When making the request to Cognito, please take a close look at the redirect URL / callback URL you are specifying. If I remember correctly, I have seen this issue if you have a trailing '/' or a missing '/' in the redirect URL, depending on what you have specified in the App Client Settings.

callo answered Sep 21 '22 14:09


This also occurs when you set up Cognito using CloudFormation or AWS SAM and forgot to set the AllowedOAuthFlowsUserPoolClient property to true.

Resources:
  FooBarUserPoolClient:
    Type: AWS::Cognito::UserPoolClient
    Properties:
      UserPoolId: !Ref FooBarUserPool             # assumed name of the pool resource in the same template
      AllowedOAuthFlowsUserPoolClient: true       # Set here
      AllowedOAuthFlows: [code]                   # required once the flag is true; 'code' = authorization code grant
      AllowedOAuthScopes: [openid, email, profile]
      CallbackURLs: [https://app.example.com/signin-oidc]   # must match redirect_uri exactly (placeholder URL)
      SupportedIdentityProviders: [COGNITO]       # needed for the hosted UI sign-in page
hakatashi answered Sep 22 '22 14:09
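The two answers point at the same underlying check: the hosted UI will only serve /oauth2/authorize if the app client has OAuth flows enabled, and the redirect_uri in that request has to match one of the registered CallbackURLs as an exact string. The following audit script is an added example and is not code from either answer or from AWS; it models an app client as a dictionary in the shape that `aws cognito-idp describe-user-pool-client` returns (only the fields used here), with a hand-constructed "broken" client that mirrors the CloudFormation mistake above, and a "fixed" one. The client ID, user-pool domain and callback URL are placeholders. It also generates a PKCE pair, since a browser or mobile client using the authorization code grant should send code_challenge with this request.

```python
"""Audit a Cognito app client against the authorize request you are about
to send. Added example, not from the original thread or from AWS.
Assumption: the client dicts below only model the fields this script reads."""
import base64
import hashlib
import secrets
from urllib.parse import urlencode

# Constructed sample: an app client created by a template that never set
# AllowedOAuthFlowsUserPoolClient (all identifiers are placeholders).
BROKEN_CLIENT = {
    "ClientId": "1example23456789",
    "AllowedOAuthFlowsUserPoolClient": False,
    "AllowedOAuthFlows": [],
    "AllowedOAuthScopes": [],
    "CallbackURLs": ["https://app.example.com/signin-oidc"],
}

# Constructed sample: the same client after the template was corrected.
FIXED_CLIENT = {
    "ClientId": "1example23456789",
    "AllowedOAuthFlowsUserPoolClient": True,
    "AllowedOAuthFlows": ["code"],
    "AllowedOAuthScopes": ["openid", "email", "profile"],
    "CallbackURLs": ["https://app.example.com/signin-oidc"],
}


def audit_client(client: dict, redirect_uri: str, scopes: list[str]) -> list[str]:
    """Return the reasons the hosted UI would reject an authorization-code
    request built from these parameters; an empty list means it is consistent
    with the client configuration."""
    problems: list[str] = []
    if not client.get("AllowedOAuthFlowsUserPoolClient"):
        problems.append("AllowedOAuthFlowsUserPoolClient is false: "
                        "'Client is not enabled for OAuth2.0 flows'")
    if "code" not in client.get("AllowedOAuthFlows", []):
        problems.append("authorization code grant ('code') is not in AllowedOAuthFlows")
    missing = sorted(set(scopes) - set(client.get("AllowedOAuthScopes", [])))
    if missing:
        problems.append(f"scopes not allowed for this client: {missing}")
    # Cognito compares redirect_uri with CallbackURLs as exact strings: a
    # trailing slash, http vs https, or a different port is a mismatch.
    registered = client.get("CallbackURLs", [])
    if redirect_uri not in registered:
        hint = ""
        if redirect_uri.rstrip("/") in {u.rstrip("/") for u in registered}:
            hint = " (differs only by a trailing '/')"
        problems.append(f"redirect_uri {redirect_uri!r} is not a registered callback URL{hint}")
    return problems


def pkce_pair() -> tuple[str, str]:
    """Generate a PKCE code_verifier and its S256 code_challenge (RFC 7636).
    Keep the verifier in the user's session; only the challenge goes in the URL."""
    verifier = secrets.token_urlsafe(64)
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    return verifier, challenge


def build_authorize_url(domain: str, client_id: str, redirect_uri: str,
                        scopes: list[str], state: str, code_challenge: str) -> str:
    """Build the hosted-UI /oauth2/authorize URL for the authorization code
    grant with PKCE. `domain` is the user-pool domain, e.g. auth.example.com."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": " ".join(scopes),
        "state": state,            # bind the callback to this browser session
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    return f"https://{domain}/oauth2/authorize?" + urlencode(params)


if __name__ == "__main__":
    redirect = "https://app.example.com/signin-oidc/"   # note the trailing slash
    wanted = ["openid", "email"]
    for name, client in (("broken", BROKEN_CLIENT), ("fixed", FIXED_CLIENT)):
        for problem in audit_client(client, redirect, wanted):
            print(f"{name}: {problem}")
    verifier, challenge = pkce_pair()
    print(build_authorize_url("auth.example.com", FIXED_CLIENT["ClientId"],
                              redirect.rstrip("/"), wanted,
                              secrets.token_urlsafe(16), challenge))
```

Run it against the real output of `aws cognito-idp describe-user-pool-client --user-pool-id <pool> --client-id <id>` (the `UserPoolClient` object) by loading that JSON instead of the constructed dicts. The redirect_uri value to feed in is the one your server actually sends, which, behind a reverse proxy, is easiest to confirm by reading it out of the Location header of the redirect to Cognito rather than out of the application config.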