Use AWS Cognito as OIDC provider in Cloudflare

Trying to use AWS Cognito as my identity provider in Cloudflare. Verified the keys and URL. Users do get added to AWS Cognito on signup, but on redirect it gives the following error:

Following is the redirect configured in AWS cognito as suggested in the Cloudflare team documentation:

https://demotest.cloudflareaccess.com/cdn-cgi/access/callback

demotest here is the team name as configured in Cloudflare Access.

Thanks!

I’ve not used that particular service. When you click the test button for your IdP does it work / retrieve information on the account you are testing with?

The test button on the IDP provided in Cloudflare does not work either. The user gets authenticated in the IDP, and I can see that user in the active directory in the AWS Cognito IDP. After authentication the callback, which is the Cloudflare endpoint, does not work.

The issue has been resolved with the help of Cloudflare support team. The IDP cert url setup in Cloudflare was incorrect. After correcting the cert url in the IDP login setup the redirection is working as expected.
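The resolution above came down to one wrong field in the generic OIDC setup: the certificate (JWKS) URL. A quick way to catch that class of mistake before the test button fails is to compare every URL entered into the Access IdP form against what the provider itself publishes in its OIDC discovery document. The script below is an added example, not code from Cloudflare, AWS or the original poster; it assumes the Access generic-OIDC form has auth URL, token URL and certificate URL fields, uses a constructed Cognito-shaped discovery document with placeholder region and user pool id, and reproduces the thread's mistake (a cert URL missing the pool id) to show how the mismatch is reported. Cognito's real discovery endpoint is `<issuer>/.well-known/openid-configuration`, which `fetch_discovery` uses when run online.

```python
"""Cross-check Cloudflare Access generic-OIDC IdP settings against the
provider's OIDC discovery document (added example; hypothetical helper)."""
import json
import re
import urllib.request

# A Cognito user pool issuer has the form https://cognito-idp.<region>.amazonaws.com/<pool-id>
COGNITO_ISSUER_RE = re.compile(
    r"^https://cognito-idp\.(?P<region>[a-z0-9-]+)\.amazonaws\.com/(?P<pool>[A-Za-z0-9_-]+)$"
)

# Constructed discovery document in the shape Cognito returns; ids are placeholders.
SAMPLE_DISCOVERY = json.loads("""{
  "issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE",
  "authorization_endpoint": "https://example-domain.auth.us-east-1.amazoncognito.com/oauth2/authorize",
  "token_endpoint": "https://example-domain.auth.us-east-1.amazoncognito.com/oauth2/token",
  "jwks_uri": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE/.well-known/jwks.json",
  "response_types_supported": ["code", "token"],
  "id_token_signing_alg_values_supported": ["RS256"]
}""")

# Constructed Access IdP settings reproducing the thread's mistake: the certificate
# URL points at the regional host without the user pool id, so no JWKS is served there.
SAMPLE_ACCESS_CONFIG = {
    "auth_url": "https://example-domain.auth.us-east-1.amazoncognito.com/oauth2/authorize",
    "token_url": "https://example-domain.auth.us-east-1.amazoncognito.com/oauth2/token",
    "cert_url": "https://cognito-idp.us-east-1.amazonaws.com/.well-known/jwks.json",
}


def expected_cert_url(issuer: str) -> str:
    """The JWKS URL Cognito publishes for a user pool lives directly under its issuer."""
    return issuer.rstrip("/") + "/.well-known/jwks.json"


def fetch_discovery(issuer: str) -> dict:
    """Download the live discovery document for a Cognito issuer (network; not used offline)."""
    if not COGNITO_ISSUER_RE.match(issuer):
        raise ValueError("issuer does not look like a Cognito user pool issuer")
    url = issuer.rstrip("/") + "/.well-known/openid-configuration"
    with urllib.request.urlopen(url, timeout=10) as resp:
        return json.load(resp)


def check_access_config(config: dict, discovery: dict) -> list[str]:
    """Return one message per field where the Access settings disagree with discovery."""
    expected = {
        "auth_url": discovery["authorization_endpoint"],
        "token_url": discovery["token_endpoint"],
        "cert_url": discovery["jwks_uri"],
    }
    problems = []
    for field, want in expected.items():
        got = config.get(field)
        if got != want:
            problems.append(f"{field}: configured {got!r}, discovery publishes {want!r}")
    # Sanity checks on the discovery document itself: the JWKS must sit under a
    # Cognito issuer, otherwise id_token signatures cannot be verified against it.
    if not COGNITO_ISSUER_RE.match(discovery["issuer"]):
        problems.append("issuer is not a Cognito user pool issuer")
    elif discovery["jwks_uri"] != expected_cert_url(discovery["issuer"]):
        problems.append("jwks_uri is not the user pool's well-known JWKS path")
    return problems


def corrected_config(config: dict, discovery: dict) -> dict:
    """Copy of the settings with every URL replaced by the discovery document's value."""
    fixed = dict(config)
    fixed["auth_url"] = discovery["authorization_endpoint"]
    fixed["token_url"] = discovery["token_endpoint"]
    fixed["cert_url"] = discovery["jwks_uri"]
    return fixed


if __name__ == "__main__":
    for problem in check_access_config(SAMPLE_ACCESS_CONFIG, SAMPLE_DISCOVERY):
        print("MISMATCH:", problem)
    print("corrected cert_url:", corrected_config(SAMPLE_ACCESS_CONFIG, SAMPLE_DISCOVERY)["cert_url"])
```

Run offline it reports exactly the cert URL mismatch from the thread; pointed at a real pool via `fetch_discovery`, it gives you the three URLs to paste into the Access form straight from the source of truth rather than from memory.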