I’m using AWS Cognito to authenticate my application.

I created a user pool, an app client and added a custom domain.

It works well on local.
Now I need to deploy on a remote server : it works too when I use the IP address, but not when I use the https domain.

Use of IP address:

• http://”IP address”:”port” -> give me Cognito login page -> login OK -> I’m redirected to my application home page
• that’s perfect !

Use of https domain:

But when I try to use my https domain, I get the error “Unable to get user session following successful sign-in.“

• https://”mydomain.org” -> give me Cognito login page -> login OK, but I stay on the login page and get the previous error

Chrome console:

Regarding the Chrome console network, the first calls to “https://cognito-idp.ap-southeast-1.amazonaws.com/” seem OK, I see :

• AuthFlow: “USER_SRP_AUTH”
• ChallengeName: “PASSWORD_VERIFIER”, I can see the tokens (IdToken, AccessToken…)

But I never go to the next calls “https://cognito-identity.ap-southeast-1.amazonaws.com/”
which I have when I’m using the IP address.

I precise that I’m using a remote instance in Singapore, but my certificates were well imported in us-east-1.

I also use nginx on my remote server with a very simple configuration :

server {
        listen <port>;

        root /var/www/XXXX/html;

        error_log /var/log/nginx/error.XXXX.log warn;
        access_log /var/log/nginx/access.XXXX.log combined;
}

server {
    listen                      443 ssl;
    server_name                 my_domain;


    ssl_certificate             /etc/ssl/private/XXX.crt;
    ssl_certificate_key         /etc/ssl/private/XXX.key;

    root /var/www/XXXX/html;

    error_log /var/log/nginx/error.XXXX.log warn;
    access_log /var/log/nginx/access.XXXX.log combined;
}

Any help please, it’s been 2 days I’m trying to solve this :(.