Cognito idpresponse: error_description=username+attribute+mapping+required&error=invalid_request

0

I have added two very similar OIDC ID providers to a Cognito user pool with CDK. Why is <domain>.<region>.amazoncognito.com/oauth2/idpresponse giving error_description=username+attribute+mapping+required&error=invalid_request?

I have successfully added two OIDC and one SAML id provider. username is not one of the attributes you can add - it's provided by default.

1 Answer
0

Maybe it is something in the configuration of the settings or the registration of the URL pool domain. Usually the third party sends the response and ID token.

For instance with Okta we have this example https://repost.aws/knowledge-center/cognito-okta-oidc-identity-provider

For more information, can you take a look at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-oidc-idp.html where we have the process for OIDC providers such as Salesforce, Okta, Microsoft Azure and so on?

AWS
answered a year ago
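
Added example, not part of the original question or answer: a check over a synthesized CloudFormation template (the output of `cdk synth`) that lists OIDC identity providers whose `AttributeMapping` has no `username` entry. It assumes the idpresponse error refers to that missing mapping; the template, logical IDs and function name are constructed for illustration.

```python
import json

# Constructed sample of synthesized template output (not from the original post).
SAMPLE_TEMPLATE = json.loads("""
{
  "Resources": {
    "OidcA": {
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderType": "OIDC", "ProviderName": "idp-a",
        "AttributeMapping": {"email": "email", "username": "sub"}
      }
    },
    "OidcB": {
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderType": "OIDC", "ProviderName": "idp-b",
        "AttributeMapping": {"email": "email"}
      }
    },
    "SamlC": {
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderType": "SAML", "ProviderName": "idp-c",
        "AttributeMapping": {"email": "mail"}
      }
    }
  }
}
""")

def oidc_providers_missing_username(template):
    """Return logical IDs of OIDC providers with no 'username' attribute mapping."""
    missing = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::Cognito::UserPoolIdentityProvider":
            continue
        props = res.get("Properties", {})
        if props.get("ProviderType") != "OIDC":
            continue  # only OIDC providers are checked here
        mapping = props.get("AttributeMapping")
        # An absent mapping, or one without a non-empty 'username', is flagged.
        if not isinstance(mapping, dict) or not mapping.get("username"):
            missing.append(logical_id)
    return sorted(missing)

if __name__ == "__main__":
    print(oidc_providers_missing_username(SAMPLE_TEMPLATE))
```

Comparing the flagged provider's mapping with that of a working provider in the same template shows which entry differs between the two "very similar" definitions.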
