AWS cognito - Add acr_values parameter to authorize URL supplied by Cognito when calling OIDC provider

Question

I have an OpenID Connect Identity provider set up in an AWS Cognito user pool. When trying this URL in a browser:

https://<my_user_pool_domain>/oauth2/authorize?redirect_uri=<callback_uri>&response_type=code&client_id=<client_id>&identity_provider=<my_oidc_provider>

Cognito redirects to my OIDC provider with the following URL

https://<my_oidc_provider>/oauth2/authorize?client_id=<oidc_client_id> &redirect_uri=https://<my_user_pool_domain>/oauth/idpresponse&scope=openid&response_type=code&state=<state>

But this is where I’m stuck because the provider requires acr_values as a param. Is it possible to have Cognito add &acr_values=<my_values> to the query?

If the below answer is correct, could you please accept it ? — Deepthi, Oct 26 '18 at 11:26
I'm also facing similar kind of problem, how to maintain query string in cognito callback. I have tried this https://stackoverflow.com/questions/51143646/querystring-parameters-in-callback-url-for-aws-cognito/51308969 but not working — Varun Kumar, Feb 24 '21 at 07:35

score -3 · Answer 1 · answered Oct 23 '18 at 15:01

-3

Append your extra params acr_values=< my_values> in the redirect URI itself.

redirect_uri=https://<my_user_pool_domain>/oauth/idpresponse?acr_values=<my_values>

Register the same URI in the Cognito user pool as well.

answered Oct 23 '18 at 15:01

Deepthi

495
4
12

1

It’s a parameter to the /authorize request I want to append, not the redirect_uri – Jonas Oct 27 '18 at 09:19

AWS cognito - Add acr_values parameter to authorize URL supplied by Cognito when calling OIDC provider

1 Answers1