Integrating Grafana with Amazon AWS Cognito error - redirect mistmatch

Grafana Configuration
,
1

Hi,

I am having a mismatch with my Grafana <-> Cognito integration as well and I can’t put my finger on where the issue is.

I configured Grafana to work with https on - a public IP:
protocol: https
IP: 54.229.165.103:3000/login

My Grafana.ini configuration for [server]:

[server]
protocol = https
;The ip address to bind to, empty will bind to all interfaces

; The http port to use
;http_port = 3000

; The public facing domain name used to access grafana from a browser
domain = 54.229.165.103
; Redirect to correct domain if host header does not match domain
; Prevents DNS rebinding attacks
;enforce_domain = false

; The full public facing url you use in browser, used for redirects and emails
; If you use reverse proxy and sub path specify full url (with sub path)
root_url = https://54.229.165.103/generic_oauth
; Serve Grafana from subpath specific in root_url setting. By default it is set to false for compatibility reasons.
serve_from_sub_path = true

; Log web requests
;router_logging = false

; the path relative working path
;static_root_path = public

; enable gzip
;enable_gzip = false

; https certs & key file
cert_file = /etc/grafana/grafana.crt
cert_key = /etc/grafana/grafana.key
;cert_file =
;cert_key =
; Unix socket path
;socket =

;CDN Url
;cdn_url =

My Grafana.ini configuration for [auth.generic_oauth]
enabled = true
name = Midway authentication
client_id = 5vfbd3cr6mml8plqsed37nnecp
client_secret = <Some_Secret>
allow_sign_up = true
scopes = email profile aws.cognito.signin.user.admin openid
auth_url = <cognito_domain>.auth.eu-west-1.amazoncognito.com/oauth2/authorize
token_url = <cognito_domain>.auth.eu-west-1.amazoncognito.com/oauth2/token
api_url = <cognito_domain>.auth.eu-west-1.amazoncognito.com/oauth2/userInfo

My Cognito configuration:
(Starts with https… the site is not letting me to add it in the beggining)
Callback URL(s)
54.229.165.103:3000/generic_oauth

Sign out URL(s)
54.229.165.103:3000/login

The error:
{“error”:“Invalid redirect endpoint”,“traceId”:“I220607154133267DUBQROYCZXXPHL3”}

Can someone please assist?

Thanks in advance,

Bar Elhanati

2

I have the same problem, did you solved it?