You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have an Amplify Gen 2 NextJS app configured with an external Google OAuth provider. After purchasing a custom domain for my website externally, I successfully configured the app with the custom domain so that when I go to my custom domain from my browser the website homepage loads successfully.
Now, when I log in using Google OAuth, I am redirected to the OAuth consent screen, but it still shows the redirect URL as <userpool>.auth.<region>.amazoncognito.com. To change this I followed the below steps:
Steps:
Set Up Your Custom Domain in AWS Cognito:
Go to the Cognito Console and select your User Pool.
Under the App Integration section, choose Domain name.
Click Use your own domain and enter your custom domain (e.g., auth.yourdomain.com).
Set Up the DNS Record:
In your DNS management console (e.g., Route 53), create a CNAME record.
Point your custom domain (e.g., auth.yourdomain.com) to the AWS Cognito service domain (e.g., your-userpool-id.auth.region.amazoncognito.com).
Verify Your Domain:
Once the DNS changes propagate, Cognito will verify the domain. This can take up to 24 hours.
Update Your Google OAuth Configuration:
Log in to the Google Cloud Console.
Go to APIs & Services > Credentials.
Edit your OAuth 2.0 Client ID and update the Authorized redirect URIs to use your custom domain.
Still it doesn't change the redirect URL because the auto generated amplify_outputs.json still has the amazon default domain <userpool>.auth.<region>.amazoncognito.com. I even tried redeploying the app, still it doesn't pick up the custom domain I configured in the userpool.
I there a way to configure this in the Amplify Gen 2 NextJS backend auth configuration? Or is this a bug?
Reproduction steps
Steps to reproduce given above.
The text was updated successfully, but these errors were encountered:
Hey @amalhub, thank you for reaching out. Adding custom domains isnt quite yet supported on defineAuth. Marking this as feature request.
Additionally, manual changes on the console will not reflect when using CDK to deploy resources.
but you should be able to extend the auth resource on the backend.ts using cdk constructs
import {
Certificate,
CertificateValidation,
} from "aws-cdk-lib/aws-certificatemanager"
import { HostedZone } from "aws-cdk-lib/aws-route53"
// create a stack for domain resources
const stack = backend.createStack("Domain")
// if you're not creating additional DNS records you can just use `fromHostedZoneId()`
const hostedZone = HostedZone.fromHostedZoneAttributes(stack, "HostedZone", {
hostedZoneId: <HOSTED_ZONE_ID>,
zoneName: <HOSTED_ZONE_NAME>,
})
// create certificate
const certificate = new Certificate(stack, "Certificate", {
<DOMAIN_NAME>,
validation: CertificateValidation.fromDns(hostedZone),
})
// add the custom domain which should populate the amplify_outputs.json
backend.auth.resources.userPool.addDomain("CustomDomain", {
customDomain: {
domainName,
certificate,
},
})
}
Environment information
Describe the bug
I have an Amplify Gen 2 NextJS app configured with an external Google OAuth provider. After purchasing a custom domain for my website externally, I successfully configured the app with the custom domain so that when I go to my custom domain from my browser the website homepage loads successfully.
Now, when I log in using Google OAuth, I am redirected to the OAuth consent screen, but it still shows the redirect URL as <userpool>.auth.<region>.amazoncognito.com. To change this I followed the below steps:
Still it doesn't change the redirect URL because the auto generated amplify_outputs.json still has the amazon default domain <userpool>.auth.<region>.amazoncognito.com. I even tried redeploying the app, still it doesn't pick up the custom domain I configured in the userpool.
I there a way to configure this in the Amplify Gen 2 NextJS backend auth configuration? Or is this a bug?
Reproduction steps
Steps to reproduce given above.
The text was updated successfully, but these errors were encountered: