Unable to create a custom domain in AWS Cognito

0

Hi,

I have completed my user pool configuration in the AWS Cognito and I got cognito URL like the below which I'm trying to replace with a custom domain:-

https://XXXXXXXX.auth.ap-southeast-1.amazoncognito.com

But getting an error:- Enter image description here

`[InvalidParameterException] Failed to create custom domain "oauth.XXXXXXXXX.com".

requestId: 22309494-1b97-456a-baea-f77ae29470f1 time: Sat Aug 12 2023 21:03:01 GMT+0530 (India Standard Time) code: InvalidParameterException message: Custom domain is not a valid subdomain: Was not able to resolve the root domain, please ensure an A record exists for the root domain.`

I have a public hosted zone like example.com that has got NS records of subdomain, **oauth.example.com **(created as a separate hosted zone). Now, I'm not sure which A record inside example.com I should point to. Also, does Cognito creates any CloudFront distribution endpoint by itself when we set up Cognito? I do not see any distribution endpoint that I should point this A record to?

3 Answers
0
Accepted Answer

I solved this issue by giving a fake IP address to A record in the parent domain to get my domain validation successful by Cognito. I then created the custom domain, deleted this A record, and point my sub-domain to the CloudFront endpoint to make this whole setup work

answered 9 months ago
profile picture
EXPERT
reviewed 2 months ago
0

From the error message provided, it looks like the root domain (XXXXXXXX.com) doesn't exist. Do you have an A record for that domain?

profile pictureAWS
EXPERT
answered 10 months ago
profile picture
EXPERT
reviewed 10 months ago
  • I have public hosted zone like example.com that has got NS records of subdomain, oauth.example.com (created as a separate hosted zone). Now, I'm not sure which A record we are referring to here? My follow-up query is which services or IP address does this A record (inside example.com) should point to?

0

This error occurs when the custom domain is not a valid subdomain or when the root domain does not have an A record. An A record is a type of DNS record that maps a domain name to an IP address. You need to create an A record for your root domain and point it to the CloudFront distribution that Cognito provides for your custom domain. You can use Route 53 or another DNS service to do this.

AWS Cognito using a custom domain need A record (https://stackoverflow.com/questions/61636736/aws-cognito-using-a-custom-domain-need-a-record) custom domain is not a valid subdomain, dependson #11 (https://github.com/fun-stack/terraform-aws-fun/issues/11) Troubleshoot custom domain errors in Amazon Cognito (Troubleshoot custom domain errors in Amazon Cognito)

I hope this helps you resolve your issue.

answered 10 months ago
  • Sorry, I did not understand this statement at all "You need to create an A record for your root domain and point it to the CloudFront distribution that Cognito provides for your custom domain." When I visit the CloudFront service in the Singapore region, I do not see any distribution that got created by Cognito. Do I need to create the distribution by myself? Also, if I go to the public hosted zone of my domain example.com, I do not see any distribution end point while creating A record with alias target to it?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions