By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

"Issuer doesn't match providerName" error for OpenId authentication provider

0

Hi, I am trying to use the Epic Online Services (EOS) as an OpenId authentication provider with a Cognito Identity pool.

I was able to create a new web identity provider of type OpenID Connect in IAM and select it when editing Cognito Identity pool.

But when I try to make a call to https://cognito-identity.us-west-2.amazonaws.com/?Action=GetId with "Logins" added using the identity provider id from above.

I get the following error:

{
    "__type": "NotAuthorizedException",
    "message": "Invalid login token. Issuer doesn't match providerName"
}

Issuer URL I am using https://api.epicgames.dev/epic/oauth/v2 Name is auto picked when creating IAM identity provider. Tried using the name as id "api.epicgames.dev/epic/oauth/v2" and some permutations of the it but nothing seem to match the provider name.

https://api.epicgames.dev/epic/oauth/v2/.well-known/openid-configuration is able to get Thumbprint successfully.

I can validate the token using https://api.epicgames.dev/epic/oauth/v2/tokenInfo

Topics
Security, Identity, & Compliance
Tags
Amazon CognitoAmazon Cognito Federated Identities
Language
English
gamerdoku
asked a year ago106 views
No Answers

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content