RainMaker Login Related issues
Third-party sign-in fails in my environment. The error extracted from the redirect URL is "user.client:Attribute+does+not+exist+in+the+schema.invalid_request". How can this be resolved?
Answer
The error "user.client:Attribute+does+not+exist+in+the+schema.invalid_request" is observed in RainMaker backend release 2.3.0.
The quick fix for this issue is to make manual changes on the AWS console to correct the Cognito IDP attribute mappings.
The steps to fix the issue are as follows:
- Go to the AWS console -> RainMaker deployment region -> Cognito -> User pools -> rainmaker-user-email-mobile-pool (if you use both email and mobile number based sign-in) or rainmaker-user-email-pool (if you use email-based sign-in) -> Sign In Experience -> Federated identity provider sign-in. This will list all Identity Providers configured with the user pool.
-
Click on the Identity Provider name to correct the attribute mappings from the list on the above page.
-
Go to Attribute mappings and click on "Edit". Update the list with the correct mapping values.
- Correct Attribute mappings for the IDPs are given here:
Google:
| User pool attribute | Google attribute |
|---|---|
| custom:admin | custom:admin |
| custom:maintainer | custom:maintainer |
| custom:user_id | custom:user_id |
| email_verified | email_verified |
| name | name |
| picture | picture |
| username | sub |
SignInWithApple:
| User pool attribute | Apple attribute |
|---|---|
| name | name |
| username | sub |
- After the attribute mappings are updated as shown above, the issue should be resolved.