Unable to create a custom domain in AWS Cognito

0

Hi,

I have completed my user pool configuration in AWS Cognito and I got a Cognito URL like the one below, which I'm trying to replace with a custom domain:

https://XXXXXXXX.auth.ap-southeast-1.amazoncognito.com

But I'm getting an error:

```
[InvalidParameterException] Failed to create custom domain "oauth.XXXXXXXXX.com".

requestId: 22309494-1b97-456a-baea-f77ae29470f1
time: Sat Aug 12 2023 21:03:01 GMT+0530 (India Standard Time)
code: InvalidParameterException
message: Custom domain is not a valid subdomain: Was not able to resolve the root domain, please ensure an A record exists for the root domain.
```

I have a public hosted zone like example.com that has got NS records for the subdomain, **oauth.example.com** (created as a separate hosted zone). Now, I'm not sure which A record inside example.com I should point to. Also, does Cognito create any CloudFront distribution endpoint by itself when we set up Cognito? I do not see any distribution endpoint that I should point this A record to.

3 Answers
0
Accepted Answer

I solved this issue by giving a fake IP address to an A record in the parent domain to get my domain validation successful by Cognito. I then created the custom domain, deleted this A record, and pointed my sub-domain to the CloudFront endpoint to make this whole setup work.

answered 9 months ago
EXPERT
reviewed a month ago
0

From the error message provided, it looks like the root domain (XXXXXXXX.com) doesn't exist. Do you have an A record for that domain?

AWS
EXPERT
answered 9 months ago
EXPERT
reviewed 9 months ago
  • I have a public hosted zone like example.com that has got NS records for the subdomain, oauth.example.com (created as a separate hosted zone). Now, I'm not sure which A record we are referring to here. My follow-up query is: which service or IP address should this A record (inside example.com) point to?

0

This error occurs when the custom domain is not a valid subdomain or when the root domain does not have an A record. An A record is a type of DNS record that maps a domain name to an IP address. You need to create an A record for your root domain and point it to the CloudFront distribution that Cognito provides for your custom domain. You can use Route 53 or another DNS service to do this.

AWS Cognito using a custom domain need A record (https://stackoverflow.com/questions/61636736/aws-cognito-using-a-custom-domain-need-a-record)
custom domain is not a valid subdomain, dependson #11 (https://github.com/fun-stack/terraform-aws-fun/issues/11)
Troubleshoot custom domain errors in Amazon Cognito

I hope this helps you resolve your issue.

answered 9 months ago
  • Sorry, I did not understand this statement at all: "You need to create an A record for your root domain and point it to the CloudFront distribution that Cognito provides for your custom domain." When I visit the CloudFront service in the Singapore region, I do not see any distribution that got created by Cognito. Do I need to create the distribution myself? Also, if I go to the public hosted zone of my domain example.com, I do not see any distribution endpoint while creating an A record with an alias target to it.
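
The checks discussed in this thread, as an added example that is not part of any answer and is not AWS code: it confirms that the parent of the custom domain has an A record, flags non-public placeholder addresses (like the temporary record in the accepted answer) so they get removed, and builds the Route 53 alias record for the subdomain. Assumptions: Cognito resolves the name one label above the custom domain, `cloudfront_domain` is the alias target Cognito reports for the custom domain once it is created, and all function names are hypothetical.

```python
import ipaddress
import socket

# Fixed Route 53 hosted zone ID used for every CloudFront alias target.
CLOUDFRONT_ALIAS_ZONE_ID = "Z2FDTNDATAQYW2"


def parent_domain(custom_domain):
    """Return the name one label above the custom domain (assumed to be what Cognito resolves)."""
    labels = custom_domain.rstrip(".").lower().split(".")
    if len(labels) < 3 or not all(labels):
        raise ValueError(f"{custom_domain!r} has no parent domain to check")
    return ".".join(labels[1:])


def resolve_a(name):
    """Look up IPv4 addresses through the system resolver; empty list if none."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def preflight(custom_domain, resolver=resolve_a):
    """Check the parent A record and flag addresses that look like placeholders."""
    parent = parent_domain(custom_domain)
    addrs = resolver(parent)
    # Non-global addresses (private, documentation ranges) cannot be a real site.
    placeholders = [a for a in addrs if not ipaddress.ip_address(a).is_global]
    return {"parent": parent, "resolves": bool(addrs), "placeholders": placeholders}


def alias_change_batch(custom_domain, cloudfront_domain):
    """Build the Route 53 change batch aliasing the custom domain to Cognito's distribution."""
    return {"Changes": [{
        "Action": "UPSERT",
        "ResourceRecordSet": {
            "Name": custom_domain.rstrip(".") + ".",
            "Type": "A",
            "AliasTarget": {
                "HostedZoneId": CLOUDFRONT_ALIAS_ZONE_ID,
                "DNSName": cloudfront_domain.rstrip(".") + ".",
                "EvaluateTargetHealth": False,
            },
        },
    }]}
```

The dictionary returned by `alias_change_batch` has the shape Route 53's ChangeResourceRecordSets call expects as its change batch, applied to the hosted zone that holds the subdomain.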
