By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Redirect Loop Challenges: Seeking Guidance on Lambda@Edge and CloudFront Integration with Cognito"

0

Seeking Forum Assistance: Currently, I'm utilizing an S3 bucket housing a website as objects, all connected to a CloudFront distribution. Furthermore, I've integrated Cognito for user authentication. However, I've encountered a snag wherein the Lambda@Edge function I've implemented appears to be triggering a redirect loop during user login.

After extensive troubleshooting, I suspect the issue stems from the callback address configuration for the Cognito hosted UI within the web application. I've opted to use the CloudFront distribution domain as the callback address. While the Lambda function effectively redirects users to Cognito for authentication, upon successful authentication, the Cognito callback address redirects users back to the CloudFront distribution address, thus perpetuating the loop.

Despite dedicating numerous days to resolving this issue independently, I've yet to achieve a solution. Consequently, I'm reaching out to the forum community in the hopes of garnering insights or guidance on resolving this matter. Your expertise in this domain would be immensely beneficial, and any assistance you could offer would be sincerely appreciated.

Thank you kindly for considering my request and investing your time in assisting me.

Topics
Security, Identity, & ComplianceNetworking & Content Delivery
Tags
Amazon CognitoAmazon CloudFrontLambda@Edge
Language
English
Kurn
asked a month ago407 views
1 Answer
1

Hey there!

From what you've described, it sounds like there's a bit of a loop happening during the login process. This typically occurs when Cognito tries to send users back to the right place after they've logged in.

Firstly, head over to the Amazon Cognito console. From there, find your user pool settings. You'll want to navigate to the "App client settings" section. Once you're there, take a look at the "Callback URL(s)" setting.

Make sure that the callback URL listed there is set to the exact URL of your CloudFront distribution where your website is hosted. It should include the "https://" part and everything, like "https://your-cloudfront-domain.com/callback".

By updating this setting to point directly to your CloudFront distribution URL, Cognito should stop redirecting users to the CloudFront distribution domain, hopefully breaking the loop!

Give it a try and let us know how it goes. If you're still having issues after that, you can dive deeper into your Lambda@Edge function to make sure everything is set up correctly.

Nithish Subramaniyan
answered a month ago
profile picture
EXPERT
Giovanni Lauria
reviewed 25 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content