-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS::Cognito::UserPoolClient-AllowedOAuthFlows #47
Comments
Hey, Please have a look at our custom resource for this: And us know if it doesn't work for your usecase and we would be happy to update it. |
@jacintoArias documentation is inconsistent with the actual implementation. the enum expected is not the same that the wizard walks you through and cloudformation expects different values. 'token' is not one of them despite being listed in the documentation for CFT. I checked with our amazon proserv team and they confirmed that the template used was correctly following the template. this is a bug with AWS for sure. following the documentation to the letter. AND Both these errors happen in cloudformation: AND Invalid scope requested: Cognito (Service: AWSCognitoIdentityProvider; Status Code: 400; Error Code: ScopeDoesNotExistException; Request ID: e645a434-a37d-4e02-a608-ea8661e151a6) in the above errors you can clearly see that the API is inconsistent with cloudformation and the respective documentation. |
--> I'd like to clarify that Cloudformation supports AllowedOAuthFlows. You can set like this.
|
It seems to have been added in august, but it isn't mentioned in the CloudFormation release notes. Documentation update where it was added: awsdocs/aws-cloudformation-user-guide@c9b84e8#diff-09cd4c20036ee265dc44b36968ce414aR15 |
AllowedOAuthFlows can be set by the API, but not with CloudFormation
Create and Update are both supported without replacement.
https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPoolClient.htm
https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPoolClient.html
Category: Security, Identity, & Compliance
The text was updated successfully, but these errors were encountered: