Last updated: Sep 27, 2021
Photo from Unsplash
The "Unable to verify Secret Hash for Client" error occurs in Cognito and
Amplify requests when the
App client of a User pool is configured with an
App client Secret, but the secret is not provided when making API requests.
To solve the "Unable to verify Secret Hash for Client" error, create a new App
client for your Cognito user pool and uncheck the
Generate client secret
To create a new App client without generating a client secret:.
Manage User Poolsand select your user pool
App clientsand verify if your
App client secretfield is populated
Scroll to the bottom of the page and click on
Add another app client. Copy
the configuration of your first App client, however, uncheck the
Generate client secret checkbox
Once the App client without the secret is created you can delete your old app client. Only the app client without the secret should remain.