I found the issue, and I believe it's a bug with the hosted UI.
The Sign In page seems to rely on an
XSRF-TOKEN cookie . If you open up two hosted UI windows that are both on the "Sign In as..." screen, even if they have different "state" query variables, the cookie value for
XSRF-TOKEN for both windows will be the same. It appears that once you log in, that XSRF token becomes invalid. The hosted UI does not change this value, so if you try to login again on the second window, it will try to use the invalid token, fail, and redirect you to the
/error page. If you hit the back button (or refresh the page before logging in), it will re-generate the
XSRF-TOKEN and unblock the authentication problem. Hopefully this helps someone else facing this issue. I am unsure how I can report this as a bug, so if anyone could reach out to me with that info that would be awesome.
Cognito UI does not show error when User Pool is not enabled.asked 8 months ago
Where can I find additional logging related to OIDC flow in Cognitoasked 6 months ago
can we customise the "SIGNIN" logo displayed on the top of the browser tab to application name for cognito login page UIasked 4 months ago
Cognito Hosted UI, using code flow and refresh with an SDK?asked a month ago
How to translate Cognito Hosted UI Forms?asked 5 months ago
Identity provider IDP implementation with custom loginasked 5 months ago
Amazon Cognito hosted UI password reset code messageAccepted Answerasked 8 months ago
Cognito Hosted Login Page Redirects to /error when multiple Sign In windows are openasked 2 months ago
In AWS Amplify UI React after Login how to redirect to dashboard path login button in home page in react in different pageasked 3 months ago
Cognito Facebook Login: bad id_token issuerasked 10 months ago