I’m using AWS Cognito to authenticate my application.
I created a user pool, an app client and added a custom domain.
It works well locally.
Now I need to deploy on a remote server: it works too when I use the IP address, but not when I use the https domain.
Use of IP address:
- http://”IP address”:”port” -> gives me the Cognito login page -> login OK -> I’m redirected to my application home page
- that’s perfect!
Use of https domain:
But when I try to use my https domain, I get the error “Unable to get user session following successful sign-in.”
- https://”mydomain.org” -> gives me the Cognito login page -> login OK, but I stay on the login page and get the previous error
Chrome console:
In the Chrome console network tab, the first calls to “https://cognito-idp.ap-southeast-1.amazonaws.com/” seem OK, I see:
- AuthFlow: “USER_SRP_AUTH”
- ChallengeName: “PASSWORD_VERIFIER”, I can see the tokens (IdToken, AccessToken…)
But I never get to the next calls to “https://cognito-identity.ap-southeast-1.amazonaws.com/”, which I have when I’m using the IP address.
I should add that I’m using a remote instance in Singapore, but my certificates were correctly imported in us-east-1.
I also use nginx on my remote server with a very simple configuration:
# Plain HTTP listener (the one reached via http://IP:port)
server {
    listen <port>;
    root /var/www/XXXX/html;
    error_log /var/log/nginx/error.XXXX.log warn;
    access_log /var/log/nginx/access.XXXX.log combined;
}

# HTTPS listener for the domain
server {
    listen 443 ssl;
    server_name my_domain;
    ssl_certificate /etc/ssl/private/XXX.crt;
    ssl_certificate_key /etc/ssl/private/XXX.key;
    root /var/www/XXXX/html;
    error_log /var/log/nginx/error.XXXX.log warn;
    access_log /var/log/nginx/access.XXXX.log combined;
}
Any help please, I’ve been trying to solve this for 2 days :(.