By using AWS re:Post, you agree to the Terms of Use

Invalid State Error - Hosted UI

0

Hello all,

I followed this guide: https://aws.amazon.com/blogs/security/how-to-add-authentication-single-page-web-application-with-amazon-cognito-oauth2-implementation/

I have a static webpage in S3 being served by Cloudfront.

The only difference is I have my own SSL certs and am using my own custom domain. NameCheap is my provider.

The hosted UI appears fine, I can create an account and get an email code.

The problem is, when I log in with that account, I get an invalid State error and do not see any of the account information that I should. In the Userprofile.js I see this:

// Verify state matches
state = urlParams.get('state');
if(sessionStorage.getItem("pkce_state") != state) {
alert("Invalid state");
}

I believe this is the cause, but I don't fully understand what is happening. The state is supposed to be passed back in the URL, which it seems like it is, but it does not match the sessionStorage state (which does not appear to exist in the Dev console in Chrome.)

Any guidance is appreciated.

2 Answers
0

Okay thanks to AWS support I figured this out.

You need the same Callback URL (in Cognito) that is in the userprofile.js file. I replaced the cloudfront url in Cognito with my domain, and it worked perfectly.

If anyone has a similar issue feel free to reach out if you need more information.

answered a year ago
0

Okay thanks to AWS support I figured this out.

You need the same Callback URL (in Cognito) that is in the userprofile.js file. I replaced the cloudfront url in Cognito with my domain, and it worked perfectly.

If anyone has a similar issue feel free to reach out if you need more information.

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions