This doesn't work with AWS Cognito #21014
Comments
If you capture the JWT and put it into a debugger like https://jwt.io/ does it have the claims you asked for?
It does but it doesn't display on the Blazor page... that is the issue at hand.
@JSpring3 thanks for contacting us. At the very least your response type should be
There are no console errors and no error codes in the network tab.
Do you mean It is impossible for us to test third-party providers, so providing us as much information as you can is the best way we can try and help you narrow down what's going on.
This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. If it is closed, feel free to comment when you are able to provide the additional information and we will re-investigate. See our Issue Management Policies for more information.
Just in case anyone else finds this issue. I can confirm that AWS Cognito works using code flow with Blazor (ironically unlike Azure AD/B2C which doesn't yet

```csharp
options.ProviderOptions.Authority = "https://cognito-idp.us-east-2.amazonaws.com/xxxxxxxx/";
options.ProviderOptions.ClientId = "xxxxxxxxx";
options.ProviderOptions.ResponseType = "code";
"openid profile email".Split(' ').ToList().ForEach(scope => options.ProviderOptions.DefaultScopes.Add(scope));
```
I'm using the exact settings as you but the app doesn't display the user info even though the login was successful. What are you using for a callback url?
On Cognito's "App Client Settings" tab I'm using:

Callback URL(s): https://localhost:xxx/authentication/login-callback
xxx = your ports

Oh, one thing I noticed is that refresh tokens aren't supported, so make sure your scopes don't include "offline_access", otherwise you'll get a 400 from AWS.

When you say "user info" is not displayed? The access_token doesn't include any profile information by default (paste your access_token into jwt.io to check). I'm not an expert, but it seems that Blazor is not fetching the id_token or user_info automatically even though "code" + "openid" should get the id_token I think. So I'm fetching these myself (separately) using the access_token and a separate http call
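A local alternative to pasting tokens into jwt.io, as an added example that is not part of the original thread: this Node.js script decodes each token's payload and reports which token carries which claim. The sample tokens, claim values and helper names are constructed for illustration, and decoding here does not verify the signature.

```javascript
// Added example (not from the thread). Decodes JWT payloads locally so a live
// token never has to leave the machine. Inspection only: no signature check.

function b64urlEncode(obj) {
  return Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Builds a constructed, unsigned sample token (hypothetical helper).
function makeSampleToken(payload) {
  return [b64urlEncode({ alg: 'RS256', typ: 'JWT' }),
          b64urlEncode(payload),
          'constructed-signature'].join('.');
}

// Returns the payload object of a compact JWS, or throws on malformed input.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('expected 3 dot-separated segments');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  const payload = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  if (payload === null || typeof payload !== 'object' || Array.isArray(payload)) {
    throw new Error('payload is not a JSON object');
  }
  return payload;
}

// For each wanted claim, lists the names of the tokens that contain it.
function claimReport(tokens, wanted) {
  const report = {};
  for (const claim of wanted) {
    report[claim] = Object.keys(tokens).filter((name) =>
      Object.prototype.hasOwnProperty.call(decodeJwtPayload(tokens[name]), claim));
  }
  return report;
}

// Constructed sample data shaped like the two tokens discussed in the thread.
const sample = {
  id_token: makeSampleToken({ sub: 'constructed-sub', token_use: 'id',
    email: 'user@example.com', 'cognito:username': 'jdoe' }),
  access_token: makeSampleToken({ sub: 'constructed-sub', token_use: 'access',
    scope: 'openid profile email', username: 'jdoe' }),
};

function runSample() {
  return claimReport(sample, ['sub', 'email', 'scope']);
}

console.log(runSample());
```

If a claim such as `email` shows up only under `id_token`, the UI has to read it from the ID token or the userinfo response, not from the access token.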
I could not get your example working with AWS Cognito.
It will send me back a valid ID token and a valid access token in the response but the example application does nothing with the two tokens so it doesn't display the name or show that you are logged in.
Here is my AWS Cognito Config
cc: @guardrex