Getting invalid_client error using next-auth for cognito
I have a Next JS app, a next-auth library and aws cognito to store user information. I created a public client in my Cognito userpool and using that userpool id & client id, I initially successfully connected my application to Cognito. Back then, I was not using next-auth.
Now I decided to use next-auth and take all this server side. I'm still using the old cognito client. It properly redirects me to Cognito login UI, but after a successful login, the following error is triggered by next-auth
https://next-auth.js.org/errors#oauth_callback_error invalid_client {
error: OPError: invalid_client ...
Then there is a trace of the error followed by
name: 'OAuthCallbackError',
code: undefined
},
providerId: 'cognito',
message: 'invalid_client'
}
Why am I getting this error?
Given Next JS link states that 'OAUTH_CALLBACK_ERROR' signifies
This can occur during the handling of the callback if the code_verifier cookie was not found or an invalid state was returned from the OAuth provider.
I'm not sure what this 'code_verifier' cookie is, since I didn't try to do anything advanced with next-auth, I haven't altered any configuration that would trigger this.
next-auth will run it in the server side, which is why you would need a Confidential client instead of a Public client.
This is how AWS Cognito described different type of clients -
Public client: A native, browser or mobile-device app. Cognito API requests are made from user systems that are not trusted with a client secret.
Confidential client A server-side application that can securely store a client secret. Cognito API requests are made from a central server.
Which is why although your previous public client was working non-server side, this client is 'invalid' to be used in a server-side functionality provider like next-auth.
Create a Confidential client and make use of the client secret.
- Autoplay video in react material-ui CardMedia component
- React Tooltip doesn't closes when using settimeout
- clerk Authentication afterSignOutUrl property not known typescript error in React
- How to use WASM Tiktoken in React Webpack JS
- Should you pass setter functions into the dependency array of a React hook?
- Material UI React JS Select component with multiple value unable to deselect when more than 1 item is selected
- How to show divs when the mouse moves anywhere on screen, not just the element itself?
- Nginx doesn't seem to recognize index.html
- Keycloak error on console " violating Content Security Policy directive: "frame-ancestors 'self'"
- npm ERR! code UNABLE_TO_GET_ISSUER_CERT_LOCALLY
- not able to scroll two elements simultaneously
- How to manage state in Edit Modal Form with Submit Function in React?
- force folder structure and names in a repository using eslint
- react-hook-form: isDirty doesn't work at the first time
- Update Server Component after data has been changed by Client Component in Next.js
- ESLint - no-unused-expressions in ReactJS
- While running ReactiNative project index.js not found error occur
- FlatList not scrolling
- Eslint cannot read config file
- React Router login form needs to be submitted twice before router redirects to right route
- How can I add the close icon in the top right corner of the Material UI Dialog Header?
- How to fix transparent border going past gradient background image
- Tailwindcss show/hide transition
- fireEvent is calling Found multiple elements by: data-testid error in react-testing-library
- My userId is not passing from the page to the slice, but the form is. I am not sure why it is not passing correctly
- React-Hook Form: Cannot read properties of undefined (reading 'field')
- Next.js: document is not defined
- unordered list in contentful-rich-text rendering as P tags
- A non-serializable value was detected in an action, in the path: `register`. Value: [Function register]
- Assigned response data show [object object] React Native