Cognito (with google) + Application Load Balancer = 414 Request-URI Too Large

0

I have configured the Application Load Balancer to sit in front of my application hosted in ECS. The load balancer has a rule to authenticate using a Cognito User Pool and then forward the request to a target group. I get the prompt to enter my Google credentials and the login appears to be successful, with the URL in the format https://{domain}/oauth2/authorize?client_id={id}&redirect_uri=https%3A%2F%2{domain}.%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state={state here}

The problem here is that I get "414 Request-URI Too Large". I have no indication that this is from my application and this is a response from the load balancer. The length of the State in the URL is 20,514 characters.

My question is: is this a bug, or what am I doing wrong?

asked 2 years ago · 976 views
1 Answer
0

Hi, thank you for using AWS re:Post.

The reason why the load balancer sends you the HTTP 414: URI too long error is because the request URL or query string parameters are too large [1].

In order to fix this, we can try enabling client secret for the application in AWS Cognito [2].

Please keep in mind that if the ARN length exceeds the 1600-byte limit, it could also cause this error [3].

Here are additional articles that might be helpful:

[1] https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-troubleshooting.html#load-balancer-http-error-codes

[2] https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html

[3] https://docs.aws.amazon.com/apigateway/latest/developerguide/limits.html

answered 2 years ago
