Stuck with Strapi + NextJS + Auth0 and Cognito as a provider

I’m trying to understand what exactly I’m doing wrong - most likely it’s because I don’t have a clear understanding of the OAuth 2.0 flow and OIDC in general. I’ve been trying to solve this for the past 3 days and I’m really stuck.

At work we’re using NextJS, have our own IDP sourced by a large provider. For the Authentication in our NextJS app we’re using the Auth0 SDK (@auth0/nextjs-auth0), which as I understand can be used with any OIDC compliant server and not necessarily with any of the Auth0 services. That works and it’s great. It’s a very light library and it seems to do everything we need.

Now, in one of my personal projects, I’m also using NextJS, Strapi in the backend which has the protected content and AWS Cognito as my IDP. Strapi supports Cognito as a provider and I’ve set it up and the user is created in both, Cognito and Strapi.

I also want to use Auth0 to handle all the authentication in my NextJS app as I don’t want to be coding any of that as it feels more secure to be using that SDK. I’m following these simple steps: Auth0 Next.js SDK Quickstarts: Login

Now, the problem is, that the flow is not fully working. The user gets created but when the redirect happens (from the front end to the Strapi CMS) I get: expected 200 OK, got: 404 Not found. At this moment I’m also able to see in the Strapi CMS the log entries:

debug GET /connect/cognito/callback?code=5c996826-b953-4b55-a943-880452072fd2 (766 ms) 302
debug GET /auth/cognito/callback/.well-known/openid-configuration (1 ms) 404
debug GET /.well-known/oauth-authorization-server/auth/cognito/callback (0 ms) 404

AWS Cognito is set to redirect to the CMS (localhost:1337/connect/cognito/callback), which in turn redirects to the front-end - localhost:4200/api/auth/callback, which is one of the routes handled by the nextjs-auth0 package, which is doing a GET request to the location in the logs (/.well-known…).

So as I see the flow should be/is the following:

NextJS links to localhost:1337/connect/cognito → (which takes us to the Hosted Login/signup page) → callback to the CMS → Redirect to front-end → Call to the CMS. Error happens here.

In NextJS the env AUTH0_ISSUER_BASE_URL=‘localhost:1337/connect/cognito’

What am I doing wrong here? Is this a bug? What am I missing? (Please ignore missing protocol in links, it’s more a requirement of this forum which prevents me from adding links as I’m new here)
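
Added example (not part of the original post, and not code from Strapi or the Auth0 SDK): the two 404 requests in the log above have the shape of the metadata URLs defined by OpenID Connect Discovery 1.0 and RFC 8414, so this sketch parses the quoted log lines and recovers which issuer path the client was probing. The function names are hypothetical, the log format is assumed from the three lines in the post, and the authorization code is replaced by a placeholder.

```javascript
// Constructed sample: the three log lines from the post, code value redacted.
const LOG = [
  "debug GET /connect/cognito/callback?code=<redacted> (766 ms) 302",
  "debug GET /auth/cognito/callback/.well-known/openid-configuration (1 ms) 404",
  "debug GET /.well-known/oauth-authorization-server/auth/cognito/callback (0 ms) 404",
];

const OIDC = "/.well-known/openid-configuration";      // OpenID Connect Discovery 1.0
const AS = "/.well-known/oauth-authorization-server";  // RFC 8414

// Metadata URLs a client derives from an issuer identifier.
function discoveryUrls(issuer) {
  const u = new URL(issuer);
  const path = u.pathname.replace(/\/+$/, "");
  return { oidc: u.origin + path + OIDC, oauth: u.origin + AS + path };
}

// Parse one request log line: "<level> <METHOD> <path> (<n> ms) <status>".
function parseLine(line) {
  const m = /^\w+\s+(\w+)\s+(\S+)\s+\(\d+ ms\)\s+(\d{3})$/.exec(line.trim());
  return m ? { method: m[1], path: m[2].split("?")[0], status: Number(m[3]) } : null;
}

// Recover the issuer path each discovery probe implies, with the status it got.
function discoveryProbes(lines) {
  const probes = [];
  for (const req of lines.map(parseLine)) {
    if (!req || req.method !== "GET") continue;
    if (req.path.endsWith(OIDC)) {
      probes.push({ kind: "oidc", issuerPath: req.path.slice(0, -OIDC.length) || "/", status: req.status });
    } else if (req.path.startsWith(AS)) {
      probes.push({ kind: "oauth", issuerPath: req.path.slice(AS.length) || "/", status: req.status });
    }
  }
  return probes;
}

// An issuer path is unusable if none of its metadata probes returned 200.
function unusableIssuers(lines) {
  const ok = new Map();
  for (const p of discoveryProbes(lines)) {
    ok.set(p.issuerPath, (ok.get(p.issuerPath) || false) || p.status === 200);
  }
  return [...ok].filter(([, found]) => !found).map(([path]) => path);
}
```

Run against the quoted log, both probes resolve to the issuer path `/auth/cognito/callback` on the CMS host, and neither returned a metadata document.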

Did you ever get this figured out? Also, when you wrote “Strapi supports Cognito as a provider and I’ve set it up and the user is created in both, Cognito and Strapi.” What did you have to do to add the user into Cognito? Did you use Amplify, or were you able to add the user into Cognito via Strapi?

Thanks,
Darryl

I was not able to figure it out. In regards to what I did I just followed the steps found in the guide Roles & Permissions - Strapi Developer Documentation

As mentioned, I’m using Auth0 - not Amplify. Are you getting the same error or are you just attempting to use a similar approach as the login example? (strapi-examples/login-react at master · strapi/strapi-examples · GitHub)

Hi Sehaliaji
Were you able to crack this one or find a workaround? I’m currently experiencing the same issue with AWS Cognito as a provider.

Thanks