Hi, my users do not want to use the Cognito Hosted UI for loging in and prefer to authenticate with a custom api gateway endpoint. We thought it was working fine, but when we try to secure a different api gateway endpoint. We do not have the scopes that will validate when using the access_token
I have tried the .net SDK InitiateAuthAsync call and I am also trying raw http calls to the oauth2/token endpoint "https://{our domain}.auth.us-east-1.amazoncognito.com/oauth2/token"
The InitiateAuthAsync only returns scope: "scope": "aws.cognito.signin.user.admin",
the Oauth endpiont does not allow the password grant type according to this web page:
https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html
