Reputation: 406
Amazon Cognito Domain and CORS
I am using Amazon Cognito as an OAuth provider.
The endpoint for getting the authorization code from cognito is https://AUTH-DOMAIN.auth.us-east-1.amazoncognito.com.
My website is hosted on S3 (https://example.s3.amazonaws.com) and requests the above cognito domain, the cognito endpoint does not return the CORS header (Access-Control-Allow-Origin: *) in the response.
Thus, I'm getting an error.
I don't see an option to enable cors in the cognito user pool. I see an unanswered question in the AWS forum - https://forums.aws.amazon.com/thread.jspa?messageID=924297
Can someone help me with this issue?
Upvotes: 0
Views: 3765
Answers (1)
Reputation: 406
Found that AWS Cognito presently(Apr 2020) does not support CORS on the domain name. Although, there is probably something not right with the architecture that requires CORS from that domain.
The primary flows relating to Cognito Auth get are redirected to the redirect_url URLs upon success, the flow which requires CORS is usually requesting from a response on success from the server rather than a redirect.
Calling the raw Cognito API URL might be the issue, using the web sdk is the solution which does the heavy lifting for us and puts us into the expected redirect flow.
Upvotes: 2
Related Questions
- api gateway endpoint with cognito authorizer cros error?
- 405 method not allowed error in AWS Cognito oauth2/token endpoint
- OAuth Cognito ID token unauthorized
- AWS Cognito and CORS Security Concern
- AWS cognito authorization
- AWS Cognito on custom domain not implementing correctly /.well-known/openid-configuration?
- AWS Cognito: Restrict users to a single domain
- cognito OAuth2 flow
- AWS API Method fails with 504 Error; Using Cognito and CORS
- How do I use AWS cognito response to authenticate API requests