How to integrate Appsmith OIDC with Cognito

Seems like someone has been working on this documentation but not sure if it is ready: [Docs]: Add documentation for OIDC integration with AWS Cognito · Issue #15827 · appsmithorg/appsmith · GitHub

Yes. It has already been worked on but yet to be released.
It should be available in the 1 or 2 releases

Tried to do it, but I get redirected to “https://user/login?error=true”, even though authentication is successful by the identity provider. Can’t seem to find what the actual error is there.

Hello Mike! Could you please share a screen recording of the issue? Also, please share a screenshot of your OIDC configuration.


The request goes out like this:******************&scope=openid email&state=zwAbkr1Uq6pZhDW2OGSAZaEitQaKqVHWBTpx89mP2iA@origin-/applications&redirect_uri=https://******************/login/oauth2/code/oidc&nonce=EfEo4QkhwKT_M1ofoOrhly3JQzBRm7G9HQYES9sb2xk

The app gets back this:


No errors during requests, just a redirect to “https://user/login?error=true”

email is an attribute in Cognito user pool, and Email is also a scope available to the Cognito App client.

Hello Mike!
Please send us the server logs to help us investigate the issue. You can grab the logs by running docker logs -f appsmith.
Or you could follow the steps from this guide on how to get the logs

Hi Amelia, thank you for the hint about the logs. I forgot that I have access to them.

The issue was trivial: User Info URL Endpoint has an uppercase ‘I’ in ‘oauth2/userInfo’.

It works now.

As a follow up: can this token be used to sign downstream calls to Authenticated APIs?

Are you looking to access the tokens generated after a user is successfully signed in via SSO? Please check the JWT section in our documentation.