aws-cognito-angular-quickstart icon indicating copy to clipboard operation
aws-cognito-angular-quickstart copied to clipboard

Published 20 hours ago verified publisher icon amazon-archives

Unable to verify secret hash for client

Open jlfabi opened this issue 6 years ago • 5 comments

I am trying the project using my own User Pool. I am getting the following error:

Unable to verify secret hash for client "xxxxxxxx"

Is that a application issue or a User Pool configuration issue?

Thanks.

jlfabi avatar Dec 19 '17 15:12 jlfabi

When creating a new app go ahead without generating a client secret

RafPe avatar Dec 19 '17 21:12 RafPe

How do you validate tokens without a secret?

alshdavid avatar Feb 14 '18 23:02 alshdavid

I was wondering the same thing and found that according to https://github.com/aws-amplify/amplify-js/tree/master/packages/amazon-cognito-identity-js (the successor to https://github.com/aws/amazon-cognito-identity-js which is where the register call comes out of):

When creating the App, the generate client secret box must be unchecked because the JavaScript SDK doesn't support apps that have a client secret.

Looks like the AWS console generates a secret by default. If you uncheck 'Generate client secret' or create the app client via CLI or CFN with proper config, you should be good.

rellimevad avatar Jul 27 '18 18:07 rellimevad

I am having a app_secrete with me is it possible to remove the error by passing the app_screte with the authenticateUser function in flutter. If yes please explain.😊

itskgore avatar Apr 07 '20 06:04 itskgore

I am also stuck with the same problem as @itskgore

swanandvg avatar Jun 24 '20 20:06 swanandvg