Amazon Cognito - UI Customizations - cannot use the HTTP protocol

Question

I'm using Amazon Cognito User pool to customize my UI for sign in and Log in. From my understanding, Callback URL is the landing page after successful login. When I tried to configure my callback URL, I always get below error Trying to input call back URL as http://BUCKETName.s3-website-us-east-1.amazonaws.com/index.html

We were unable to update your App Configuration: http://BUCKETName.s3-website-us-east-1.amazonaws.com/index.html cannot use the HTTP protocol. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: b3a888be-ded0-11e7-b16b-0fd6b04b4706)

If I replace this with http://localhost/ then it works but it's of no use because can't use it in production. Amazon documentation doesn't provide much information on this. How do i make it work? Any idea?

Answer 1

To use Cognito you must have a https address. to route http traffic to an https address you can use an Route53, Amazon Certificate Manager (https://aws.amazon.com/certificate-manager/) with an S3 bucket and Amazon CloudFront.

Rout53 will provide DNS functions, while ACM will register the DNS with the global database of SSL certificates that allow for secure connections between user and site. The S3 bucket would redirect http traffic to an https address and CloudFront ensures the data is securely delivered.

Answer 2

Cognito call back url doesnt support http. you need to use https instead.