Hi all, we’re facing the issue that we want to do the auth with Cognito, in code mode we have:

 

const options = {
  url: 'https://auth.hauzd.app/oauth2/token',
  method: 'POST',
  headers: {
    'content-type': 'application/x-www-form-urlencoded'
  },
  body: {
    'client_id': 'x',
    'grant_type': 'refresh_token',
    'refresh_token': bundle.authData.refresh_token
  },
  removeMissingValuesFrom: {
    'body': false,
    'params': false
  },
}

return z.request(options)
  .then((response) => {
    if (response.id_token) {
      return response.id_token
    }

    return false
  });

but it adds the refresh_token as query parameter, which causes a “invalid_grant” error.

It is a “Session auth”. We tried also “Api Key Auth” but it is the same… There is no way to avoid refresh_token to be put as query parameter.

Basically the issue is that the refresh_token should not be sent as query param but there is no way to remove it from there.

Please help. Thanks in advance!

Regards,

Gonzalo.