Hi,
We are setting up Cognito for a new product and need to integrate it with an existing identity provider. In our test environment the identity provider is hosted on-premise, but is accessible from the www.
When configuring Cognito the openid configuration discovery fails.
Unfortunately we do not see any requests on the on-premise infrastructure that we could debug. It appears as if Cognito just cannot reach our servers on-premise.
Discovering cloud provider configuration from google works, as does discovering openid configuration that is hosted in another AWS account.
Is there a way to view logs about the connection attempts Cognito does and the errors it receives? Maybe a way to trace it in vpc flow logs? Are there other ways to debug connectivity problems with Cognito?
Are there known connectivity limits, like IP restrictions or geo restrictions for Cognito?
Best Regards
Chris Borckholder