I've just configured my custom domain for AWS Cognito and wanted to connect my Resource Server (Spring Boot). Since I received a 400, I cross-checked the endpoint manually and received the same response: Postman attempt. Did anyone encounter this issue working with AWS Cognito custom domains? Did I miss something?
- A few days ago I saw very slow responses from .well-known endpoints. After some time I found that on another device (with a different Internet provider) it works fine. So I guess that some limits or throttling were applied to my IP. I rebooted the router (so a new dynamic IP was assigned to my workstation) and it works fine now. – Yuriy P May 06 '20 at 07:02
- The response returns in around 350 ms, also on other devices. It seems like it's related to CloudFront. – Tobias Gläßer May 06 '20 at 18:40
- I see you are using http, have you tried https? And have you tried a URL like this `https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/jwks.json` for getting JWKS info? – Yuriy P May 07 '20 at 05:49
- @YuriyP Thank you, with https and the user Cognito path it's working. Any idea why the jwk-set path of a custom domain can't be resolved? I'll try to handle the issue with an additional DNS entry for now. – Tobias Gläßer May 08 '20 at 15:26
- No, I don't know why the JWKS path doesn't use a custom domain. I just use the URLs provided by the OpenID configuration endpoint `https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/openid-configuration` – Yuriy P May 12 '20 at 06:12
1 Answer
If you create a custom domain in Cognito, the JWKS path needs to be accessed the classical way: `https://cognito-idp.{region}.amazonaws.com/{userPoolId}/.well-known/openid-configuration`

Tobias Gläßer
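The approach from the comments and the answer (take the JWKS location from the `cognito-idp` discovery document rather than from the custom domain), as an added example that is not code from the original posts. It checks a discovery document before a resource server trusts its `jwks_uri`; the function names, the sample document and the pool id `eu-central-1_EXAMPLE123` are constructed, and the same-host rule is a policy assumed here.

```python
from urllib.parse import urlsplit

# Constructed sample of an openid-configuration response (not real data).
SAMPLE_DISCOVERY = {
    "issuer": "https://cognito-idp.eu-central-1.amazonaws.com/eu-central-1_EXAMPLE123",
    "jwks_uri": "https://cognito-idp.eu-central-1.amazonaws.com/"
                "eu-central-1_EXAMPLE123/.well-known/jwks.json",
}


def cognito_issuer(region: str, user_pool_id: str) -> str:
    """Build the issuer URL in the form quoted on this page."""
    # Assumption: a user pool id is "<region>_<suffix>".
    if not user_pool_id.startswith(region + "_"):
        raise ValueError("user pool id does not match the region")
    return f"https://cognito-idp.{region}.amazonaws.com/{user_pool_id}"


def jwks_uri_from_discovery(doc: dict, region: str, user_pool_id: str) -> str:
    """Return doc['jwks_uri'] only if it is consistent with the expected issuer."""
    issuer = cognito_issuer(region, user_pool_id)
    if doc.get("issuer") != issuer:
        raise ValueError("discovery document is for a different issuer")

    want = urlsplit(issuer)
    got = urlsplit(doc.get("jwks_uri", ""))
    if got.scheme != "https":
        raise ValueError("jwks_uri must use https")
    # Assumed policy: signing keys must come from the issuer's own host,
    # so a custom-domain or look-alike host is rejected.
    if got.hostname != want.hostname:
        raise ValueError("jwks_uri host differs from issuer host")
    if not got.path.startswith(want.path + "/"):
        raise ValueError("jwks_uri is outside the user pool path")
    return doc["jwks_uri"]


if __name__ == "__main__":
    print(jwks_uri_from_discovery(SAMPLE_DISCOVERY, "eu-central-1",
                                  "eu-central-1_EXAMPLE123"))
```

In a Spring Boot resource server the returned URL is the value that would go into the JWK set URI setting, with the `cognito-idp` issuer used for the issuer check.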