aws-solutions / connected-mobility-solution-on-aws

Accelerate development and deployment of connected vehicle assets with purpose-built, deployment-ready accelerators, and an Automotive Cloud Developer Portal (ACDP)
Apache License 2.0

Unable to sign in into ACDP #43

Open priyanka-mahatme opened 2 days ago

priyanka-mahatme commented 2 days ago

Q. What is causing the issue here, and how can I fix it to successfully sign in to ACDP?

Description: I have followed the AWS documentation to deploy the stacks and deployed them directly from the AWS console by uploading a template file in the following order:

  1. VPC module
  2. auth.setup.template
  3. acdp.template (By default acdp-backstage-stack also deployed)
  4. cms-config.template
  5. cms-auth.template
  6. cms-provisioning.template
  7. cms-connect-store.template
  8. cms-api.template
  9. cms-alerts.template
  10. cms-ev-battery-health.template
  11. cms-vehicle-simulator.template
  12. FleetWise Connector module

I also created a Hosted Zone in Route 53 and provided the hosted zone in the parameter while deploying the ACDP stack. I am able to access the ACDP initial page but cannot sign in, receiving the following error:

Error: An error was encountered with the requested page

Tried reaching out to the AWS support team, but they are not able to help us as the CFT stack got deployed successfully.

mttwise commented 2 days ago

@priyanka-mahatme Thanks for reporting the issue.

If possible, can you please share the CloudFormation parameters you set (hiding any personal information) when deploying the auth-setup and acdp templates?

We will look into what the issue might be and want to confirm your setup.

Thanks, Matt

priyanka-mahatme commented 2 days ago

Thanks for your response @mttwise !!

As per the ask, adding the parameter details for the Auth-setup and ACDP templates. For security purposes, hiding the values for FullyQualifiedDomainName and Route53HostedZoneId.

Auth-setup: Parameter:

| Key | Value | Resolved value |
| --- | --- | --- |
| CallbackUrls | https://example.com | - |
| IdentityProviderId | cms | - |
| IdPConfigSecretArn | - | - |
| ServiceClientConfigSecretArn | - | - |
| ShouldCreateCognitoResources | true | - |
| UserClientConfigSecretArn | - | - |

ACDP-template: Parameter:

| Key | Value | Resolved value |
| --- | --- | --- |
| AcdpUniqueId | acdp | - |
| BackstageAdditionalScopes | - | - |
| BackstageLocalAssetDiscoveryRefreshMins | 30 | - |
| BackstageLogLevel | info | - |
| BackstageName | ACDP | - |
| BackstageOrg | Auto | - |
| CustomAcmCertificateArn | - | - |
| FullyQualifiedDomainName | | - |
| IdentityProviderId | cms | - |
| IsPublicFacing | true | - |
| Route53HostedZoneId | | - |
| UseBackstageAuthRedirectFlow | true | - |
| VpcName | -xyzVpc | - |

One more thing I would like to bring to your notice:

This was the error it was showing in the browser search result after hitting sign in in the ACDP portal: error?error=redirect_mismatch&client_id=__(hidden client_id)

Thank You, Priyanka

mttwise commented 19 hours ago

@priyanka-mahatme Looking at your Auth-Setup parameters, I think the CallbackUrls parameter needs to be configured to support the backstage handler address.

Can you please try doing a stack update on Auth-Setup in the CloudFormation console where you set the parameter to the following value: https://<FullyQualifiedDomainName>/api/auth/oauth2/handler/frame

Steps here:

  1. Press Update

  2. Select 'use existing template'

  3. Update CallbackUrls
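
The redirect_mismatch error discussed in this thread can be checked offline by comparing the redirect_uri in the sign-in request with the values set in CallbackUrls. The following is an added example, not part of any comment above or of the project's code. It assumes the identity provider compares redirect_uri to the registered callbacks by exact string match; the domain names and client id are constructed placeholders.

```python
from urllib.parse import parse_qs, urlsplit

# Handler path taken from the maintainer's reply above.
BACKSTAGE_HANDLER_PATH = "/api/auth/oauth2/handler/frame"


def expected_callback(fqdn):
    """Callback URL for a given FullyQualifiedDomainName value."""
    return "https://" + fqdn + BACKSTAGE_HANDLER_PATH


def requested_redirect_uri(authorize_url):
    """Extract the decoded redirect_uri from an OAuth2 authorize request URL."""
    values = parse_qs(urlsplit(authorize_url).query).get("redirect_uri", [])
    return values[0] if values else None


def diagnose(authorize_url, registered_callbacks):
    """Return (ok, reason); assumes the comparison is an exact string match."""
    requested = requested_redirect_uri(authorize_url)
    if requested is None:
        return False, "authorize request carries no redirect_uri"
    if requested in registered_callbacks:
        return True, "redirect_uri is registered"
    req = urlsplit(requested)
    same_origin = False
    for candidate in registered_callbacks:
        if candidate.rstrip("/") == requested.rstrip("/"):
            return False, "differs from %s only by a trailing slash" % candidate
        reg = urlsplit(candidate)
        if (reg.scheme, reg.netloc) == (req.scheme, req.netloc):
            same_origin = True
    if same_origin:
        return False, "origin is registered but path %s is not" % req.path
    return False, "no registered callback uses origin %s://%s" % (req.scheme, req.netloc)


# Constructed sample: hypothetical domain names and a placeholder client id.
SAMPLE_AUTHORIZE_URL = (
    "https://auth.example.test/oauth2/authorize?response_type=code"
    "&client_id=CLIENT_ID_PLACEHOLDER&redirect_uri="
    "https%3A%2F%2Facdp.example.test%2Fapi%2Fauth%2Foauth2%2Fhandler%2Fframe"
)

if __name__ == "__main__":
    for registered in (["https://example.com"], [expected_callback("acdp.example.test")]):
        print(registered, "->", diagnose(SAMPLE_AUTHORIZE_URL, registered))
```

With CallbackUrls left at https://example.com the check reports that no registered callback uses the portal's origin, which matches the redirect_mismatch seen in the browser.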