a get request from postman returns 200 after configuring aws cognito twitch OIDC. However when I do the get request from the app on twitch i get CORS. I suspect this is the problem has to do with callback url or extension allowlist?
Should this be filled out? I am using twitch to host my front end.
twitch as idp was configured using the docs and is geetting 200 but this page i left blank do i need to put anything here?
you are supposed to redirect the user to Twitch.
Not fetch the URL in postman/another tool, this is why you are gettting a CORS error.
The first step of Authentation is a
<a href="" or a redirect to the
Thank you for reply.
I understand the <a href=" instead of get request. But on my backend cognito where I setup OIDC do i have to add a redirect there?
Here should I be ticking twitch and adding the twitch /authorize to the callback here? Or I dont need to fill this out since twitch is IDP?
As I don’t use AWS Cognito I’m not sure.
I chimed in to help with your CORS issue since you seemed to be oAuthing wrong.
This answer might be of help Reddit - Dive into anything
I don’t know if these fields as for specifiying oAuth configuration or where to send a user after they login/logout.
just read reply thank you will try again today (:
@BarryCarlyon or anyone else
I have done more reading and not just clicking buttons. What I am stuck on is once a user is authenticated in cognito how does it know to go back to my twitch channel?
I believe it is url callback
Do i enter the twitch extention Allowlist here or just twitch.tv/?
I think i am almost there its just getting back to my channel after initiating auth flow now
please any advice?
Cognito is a tool to get authentication from someone
The redirect URI is the URI that handles the code to token exchange.
Once a user has finished logging in your app does whatever you want with the logged in user
Not sure how/where/why an extension comes into this.
Since cognito is used as a method to get login from a user to then utilise your webapp or something.
I understand redirect_irl handles the authentication. But once authenticated you can enter a callback url. I will check some other code examples maybe I can get a clue from there.
Thank you for reply again.
- User clicks a link to Twitch
- They accept (or decline)
- They are sent to your callback URI, with a code or a token for your app to use, so for Cogento the callback URI is the Cogento handler.
What are you actually building/trying to do?
I see where I got confused. I will test it using the cognito handler thank you again
but other terms like “Redirection URI”, “Redirection URL”, “Redirect URI”, “Redirect URL”, “Callback URL” and “Callback URI” etc. are all used interchangeably, some because in protocol fields the term gets shortened to things like
redirect_uri , others because of inherited legacy terminology from similar protocols that pre-date OAuth 2.0.