I’m trying to understand what exactly I’m doing wrong - most likely it’s because I don’t have a clear understanding of the OAuth 2.0 flow and OIDC in general. I’ve been trying to solve this for the past 3 days and I’m really stuck.
At work we’re using NextJS and have our own IDP sourced by a large provider. For the authentication in our NextJS app we’re using the Auth0 SDK (@auth0/nextjs-auth0), which as I understand can be used with any OIDC-compliant server and not necessarily with any of the Auth0 services. That works and it’s great. It’s a very light library and it seems to do everything we need.
Now, in one of my personal projects, I’m also using NextJS, Strapi in the backend which has the protected content, and AWS Cognito as my IDP. Strapi supports Cognito as a provider and I’ve set it up and the user is created in both Cognito and Strapi.
I also want to use Auth0 to handle all the authentication in my NextJS app as I don’t want to be coding any of that as it feels more secure to be using that SDK. I’m following these simple steps: Auth0 Next.js SDK Quickstarts: Login
Now, the problem is that the flow is not fully working. The user gets created but when the redirect happens (from the front end to the Strapi CMS) I get:
expected 200 OK, got: 404 Not found.
At this moment I’m also able to see in the Strapi CMS the log entries:
debug GET /connect/cognito/callback?code=5c996826-b953-4b55-a943-880452072fd2 (766 ms) 302
debug GET /auth/cognito/callback/.well-known/openid-configuration (1 ms) 404
debug GET /.well-known/oauth-authorization-server/auth/cognito/callback (0 ms) 404
AWS Cognito is set to redirect to the CMS (localhost:1337/connect/cognito/callback), which in turn redirects to the front-end - localhost:4200/api/auth/callback, which is one of the routes handled by the nextjs-auth0 package, which is doing a GET request to the location in the logs (/.well-known…).
So as I see the flow should be/is the following:
NextJS links to localhost:1337/connect/cognito → (which takes us to the Hosted Login/signup page) → callback to the CMS → Redirect to front-end → Call to the CMS. Error happens here.
In NextJS the env AUTH0_ISSUER_BASE_URL='localhost:1337/connect/cognito'
What am I doing wrong here? Is this a bug? What am I missing? (Please ignore the missing protocol in links; it’s more a requirement of this forum, which prevents me from adding links as I’m new here.)
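How an OIDC client turns an issuer URL into the two kinds of metadata request seen in the log above, shown as an added example that is not part of the original post. The URL forms follow OpenID Connect Discovery 1.0 and RFC 8414; the function names and the `http://` scheme on the issuer value are assumptions.

```javascript
// Added example, not from the post. Issuer value below is constructed from the
// post's AUTH0_ISSUER_BASE_URL with an assumed http:// scheme.
const OIDC_SUFFIX = "/.well-known/openid-configuration";
const RFC8414_PREFIX = "/.well-known/oauth-authorization-server";

// OIDC Discovery 1.0: the suffix is appended to the issuer, path included.
function oidcDiscoveryUrl(issuer) {
  return issuer.replace(/\/+$/, "") + OIDC_SUFFIX;
}

// RFC 8414: the well-known segment goes between the host and the issuer path.
function oauthMetadataUrl(issuer) {
  const u = new URL(issuer);
  return u.origin + RFC8414_PREFIX + u.pathname.replace(/\/+$/, "");
}

// Recover the issuer path a client was configured with from a logged request.
function issuerPathFromLog(requestPath) {
  if (requestPath.endsWith(OIDC_SUFFIX)) {
    return requestPath.slice(0, -OIDC_SUFFIX.length) || "/";
  }
  if (requestPath.startsWith(RFC8414_PREFIX)) {
    return requestPath.slice(RFC8414_PREFIX.length) || "/";
  }
  return null; // not a discovery request
}

// Checks a relying party applies before trusting a discovery document.
function validateMetadata(issuer, doc) {
  const problems = [];
  // Exact string match: metadata served for a different issuer is rejected.
  if (doc.issuer !== issuer) problems.push("issuer mismatch");
  for (const key of ["authorization_endpoint", "token_endpoint", "jwks_uri"]) {
    try {
      new URL(doc[key]); // throws when the field is absent or not absolute
    } catch {
      problems.push(`missing or invalid ${key}`);
    }
  }
  return problems;
}

const issuer = "http://localhost:1337/connect/cognito";
console.log(oidcDiscoveryUrl(issuer));
console.log(oauthMetadataUrl(issuer));
// Request paths copied from the Strapi debug log in the post.
console.log(issuerPathFromLog("/auth/cognito/callback/.well-known/openid-configuration"));
console.log(issuerPathFromLog("/.well-known/oauth-authorization-server/auth/cognito/callback"));
```

Comparing the path returned by `issuerPathFromLog` with the configured issuer shows which base URL the client actually used for discovery.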