ALB Authenticate Rule with Cognito error: OAuth flows must be enabled in the user pool client

I have a simple Cognito user pool (no federation) with an app client with all 5 available auth flows enabled:

ALLOW_ADMIN_USER_PASSWORD_AUTH
ALLOW_CUSTOM_AUTH
ALLOW_REFRESH_TOKEN_AUTH
ALLOW_USER_PASSWORD_AUTH
ALLOW_USER_SRP_AUTH

The pool already has AWS-provided domain configured.

When I attempt to integrate it into an authenticate rule for my ALB, I got the following error:

OAuth flows must be enabled in the user pool client

How can I make this work?

Sujets

Balises

Langue

English

demandé il y a 2 ans2578 vues

2 réponses

Ces réponses sont-elles utiles ? Votez pour la bonne réponse pour aider la communauté à bénéficier de vos connaissances.

Réponse acceptée

I figured out what's wrong. I did not configure a hosted UI for the app client, which is an unlisted requirement for OAuth.

répondu il y a 2 ans

EXPERT

vérifié il y a 22 jours

Hi,

Did you create a domain for the user pool? this is required to enable oauth2 endpoints.

EXPERT

répondu il y a 2 ans

khuongduybui
il y a 2 ans
Yes, I already created a domain. Does it have to be a custom-owned domain? Should I expect to see a DIFFERENT auth flow than the 5 listed ones?

Contenus pertinents