Error when different Callback URL's for Native and Web Cognito clients?

[tiyberius]

Description

I am very confused and the documentation does not help clear things up. I am importing an existing Cognito User Pool, as described here https://docs.amplify.aws/flutter/build-a-backend/auth/import-existing-resources/ and I'm getting the error:

🛑The following OAuth properties are not matching:

Callback URLs:

| acme-builders web client                 | acme-builders native app client |
| ---------------------------------------- | ------------------------------- |
| https://dev.acme-builders.app/           | acme-buildersapp-dev://         |
| https://dev.acme-builders.app/profile    |                                 |

Logout URLs:

| acme-builders web client          | acme-builders native app client  |
| --------------------------------- | -------------------------------- |
| https://dev.acme-builders.app/    | acme-builders-app-dev://         |

✖ There was an error initializing your environment.
🛑 Could not initialize categories for 'dev': There was an error importing the previously configured auth configuration to the new environment.

The documentation states

If the Cognito user pool has native and web client defined ensure the clients have matching OAuth properties.

Why must these values be the same across clients? Isn't that the whole point of having different clients? So that each client can have their own values like callback url and logout url? I can't imagine a situation in which these values should be the same.

Please let me know if I'm doing anything wrong or there is something missing in my understanding.

Thanks!

Categories

• Analytics
• API (REST)
• API (GraphQL)
• Auth
• Authenticator
• DataStore
• Notifications (Push)
• Storage

Steps to Reproduce

1. Create a Cognito User Pool
2. Create a web client with callback URL https://dev.acme-builders.app/
3. Create a native app client with callback URL acme-buildersapp-dev://
4. Import that cognito user pool using amplify import auth

Screenshots

No response

Platforms

• iOS
• Android
• Web
• macOS
• Windows
• Linux

Flutter Version

3.16.5

Amplify Flutter Version

1.6.1

Deployment Method

Amplify CLI

Schema

No response

[Equartey]

Hi @tiyberius, this doesn't seem specific to Flutter, I'm going to transfer this to the CLI team for better support.

[tiyberius]

Great thank you @Equartey! Look forward to the response from the CLI team

[ykethan]

Hey @tiyberius, thank you for reaching out. The import auth currently expects the URL's to match, the flow uses AWS SDK to import the Cognito resource. But do agree the flow can be improved to support different callback and Logout URL's.

As a workaround you should able to use the Amplify configure method amplify.configure() with multiple URL's. Refer to
documentation providing an example.

Marking this a feature-request for improvements.
note for improvements:

amplify-cli/packages/amplify-category-auth/src/provider-utils/awscloudformation/import/index.ts

Line 515 in 8ad57bf

const appClientsOAuthPropertiesMatching = async (

[tiyberius]

Thanks @ykethan for the quick response and a solution. I’ll give this a shot!

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.