AWS CLI Cognito User Pool Client Creation fails

Question

I've got a Cognito user pool in AWS, and I'm trying to create a Bash script to add an app client to it using aws cli.

I'm running the following:

aws cognito-idp create-user-pool-client \
 --user-pool-id $user_pool_id \
 --client-name toy-client \
 --callback-urls "https://example.com"

where user_pool_id is set to the id of my user pool.

When I do so, I get a long error, of which this is the first few characters:

An error occurred (InvalidParameterException) when calling the CreateUserPoolClient operation: 2 validation errors detected: Value '[<, !, d, o, c, t, y, p, e,  , h, t, m, l, >, 
, <, h, t, m, l, >, 
, <, h, e, a, d, >, 
,  ,  ,  ,  , <, t, i, t, l, e, >, E, x, a, m, p, l, e,  , D, o, m, a, i, n, <, /, t, i, t, l, e, >...

It looks very much like it's retrieved https://example.com, which it does to verify it's accessible, but then it seems to be using the contents in place of the URL.

If I set this URL as the callback_url when creating an app client in the AWS console, it works fine.

Any suggestions as to what I'm doing wrong, or is this a bug?

Answer 1

Looks like the CLI isn't configured to accept the callback URL as a string and is instead loading the URL and passing the response as the parameter.

Ensure you are running the latest version of the CLI (preferably version 2). If you can't use v2 for whatever reason you can fix this behavior by setting cli_follow_urlparam = false in your aws config file ~/.aws/config as specified here.