0👍
Answering my own question as I found the solution!
As seen in my question, the response from federatedSignIn did not include the id_token. I did not think this was an issue, and thought maybe the Amplify SDK had a bug. But through various troubleshooting (and lots of questions to ChatGPT) I discovered that id_token should be in the response.
Furthermore, ChatGPT revealed that my federated User Pool app integration should have "openid" scope enabled in order to send the id_token.
Solution: enable "openid" scope on the app client "hosted UI" settings in the Cognito console, and request "openid" scope in my aws-exports.js file.
The ID token is typically included in the response when the "openid" scope is requested. If you are using the Authorization code grant or the Implicit grant flow and requesting the "openid" scope, then the ID token should be included in the response by default.
My updated aws-exports.js file:
const awsExports = {
Auth: {
region: 'us-east-2',
userPoolId: 'us-east-2_xxxxxxxxx',
userPoolWebClientId: 'xxxxxxxxxxxxxxxxxxxxxxxxx',
oauth: {
domain: 'xxxxxxxxxx.auth.us-east-2.amazoncognito.com',
scope: [
'https://xxxxxxxxxx-vpce-xxxxxxxxxxxxxxxxx.execute-api.us-east-2.amazonaws.com/x/rw',
'openid'
],
redirectSignIn: 'http://localhost:8080',
responseType: 'code'
}
}
}
export default awsExports
- [Vuejs]-Best approach for adding animation to large text blocks in Vue
- [Vuejs]-V-data-table-server not updating component in the table template