Configuring AWS Cognito for OAuth in Apps

I am trying to use AWS Cognito as my access provider for a Cloudflare App. I have verified the my keys and believe I have pasted the correct URLs to the Cloudflare Service definition. AWS pops this error: An error was encountered with the requested page.

Auth URL:
Scopes: openid email phone
Token URL:

Anyone out there successfully configured an app to work with Cognito. The only other forum question on this was in 2018 and went unanswered.

I have looked at the URL Cloudflare is generating:<client_id>&

The Cognito login box does appear if I manually change it to<client_id>&

Is this perhaps a Cloudflare bug?