From previous post ( https://dunlop.geek.nz/aws-cognito-azure-ad-react-amplify/ ) on this blog site I’ve been doing some work around SAML integration with AWS Cognito.
Today our Tiles redirection to our app broke!
It turns out the %20% in the URL was the root cause, which was used in the scope= section of the parameters.
As per the AWS Documentation:
If the client doesn’t request any scopes, the authentication server uses all scopes associated with the client.
So we safely removed the scope parameter, updated the Azure AD app and all was fine once again.