Invalid Redirect URI for Server Based Authentication when deploying to cloudfront (localhost works fine).

CoMAGOL_ADMINISTRATOR — Mon, 31 Aug 2020 02:34:49 GMT

We've been working on a custom feature editor that uses server based user logins to integrate AWS services with AGOL login. This has been working fine on localhost, the user is sent to the right URL and we can get a token back. Flow is:

1. Send user to URL (below)

2. Get code back

3. Exchange for a token via a lambda, that also registers a Cognito identity token for AWS credentials

4. Send back to client and register with IdentityManager.

Launching it to AWS cloudfront, however, I get an "invalid redirect_uri" error - example: https://cityofmelbourne.maps.arcgis.com/sharing/rest/oauth2/authorize?client_id=0KBzlPo2662D42j5&expiration=20160&redirect_uri=https%3A%2F%2Fd2b025iknw7h16.cloudfront.net%23&response_type=code

I've added the cloudfront URL to the whitelisted redirect URIs (both https and http). Neither work:

Am I missing something?

As a side note, passing an expiration to the above URL (/rest/oauth2/authorize) does nothing, and my token expires within 30 minutes. Am I doing something wrong there?

Re: Invalid Redirect URI for Server Based Authentication when deploying to cloudfront (localhost works fine).

SusanPollard — Fri, 11 Mar 2022 01:18:54 GMT

Was this problem resolved? If so can you share the resolution please?

topic Re: Invalid Redirect URI for Server Based Authentication when deploying to cloudfront (localhost works fine). in ArcGIS Online Questions

Invalid Redirect URI for Server Based Authentication when deploying to cloudfront (localhost works fine).

Re: Invalid Redirect URI for Server Based Authentication when deploying to cloudfront (localhost works fine).