Solve - Unable to verify Secret Hash For Client AWS Error

Borislav Hadzhiev

Mon Sep 27 2021, 2 min read

Solving - Unable to verify Secret Hash For Client Error

The "Unable to verify Secret Hash for Client" error occurs in Cognito and Amplify requests when the App client of a User pool is configured with an App client Secret, but the secret is not provided when making API requests.

When you use Cognito or Amplify on the client side (in a browser), the client secret can't be kept confidential, and the library does not support App clients with a secret.

To solve the "Unable to verify Secret Hash for Client" error, create a new App client for your Cognito user pool and uncheck the Generate client secret checkbox.

Unfortunately, once an App client has been created, you can't disable its client secret. This means you have to create a new App client without a secret and delete the old one.

To create a new App client without generating a client secret:

  1. Open the AWS Cognito console, click on Manage User Pools and select your user pool.
  2. In the sidebar, click on App clients and check whether your App client secret field is populated.

  3. Scroll to the bottom of the page and click on Add another app client. Copy the configuration of your first App client, but uncheck the Generate client secret checkbox.

  4. Once the App client without the secret is created, you can delete your old App client. Only the App client without a secret should remain.

Once your app client is configured to not require a secret hash you will be able to sign users up without getting the error.
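
The console steps above can also be scripted with the AWS CLI. This is an added example, not code from the original post; the function names are hypothetical, and it assumes the `aws` CLI is installed with credentials that are allowed to manage the user pool's App clients.

```shell
#!/bin/sh
# Added example, not from the original post. Pool ids, client ids and names
# are supplied by the caller; nothing here is specific to a real pool.

# Exit 0 if the App client has a secret, 1 if not, 2 if the lookup failed.
client_has_secret() {
    secret=$(aws cognito-idp describe-user-pool-client \
        --user-pool-id "$1" --client-id "$2" \
        --query 'UserPoolClient.ClientSecret' --output text) || return 2
    # With --output text the CLI prints "None" when the field is absent.
    # The secret itself is only tested here, never echoed or logged.
    [ -n "$secret" ] && [ "$secret" != "None" ]
}

# Create an App client without a secret and print its client id.
# Only the name is set: auth flows, callback URLs and other settings of the
# old client are not copied and must be added as extra options if needed.
create_public_client() {
    aws cognito-idp create-user-pool-client \
        --user-pool-id "$1" --client-name "$2" \
        --no-generate-secret \
        --query 'UserPoolClient.ClientId' --output text
}

# Replace a secret-bearing client and print the id the app should use.
# Args: pool id, old client id, name for the new client.
replace_secret_client() {
    pool_id=$1 old_id=$2 new_name=$3
    client_has_secret "$pool_id" "$old_id" && rc=0 || rc=$?
    case $rc in
        0) ;;                                # has a secret: replace it
        1) echo "$old_id"; return 0 ;;       # already secret-free: keep it
        *) return 1 ;;                       # lookup failed: change nothing
    esac
    new_id=$(create_public_client "$pool_id" "$new_name") || return 1
    [ -n "$new_id" ] || return 1
    # Deleting invalidates the old client id, so the application must be
    # switched to the new id as part of the same change.
    aws cognito-idp delete-user-pool-client \
        --user-pool-id "$pool_id" --client-id "$old_id" >/dev/null || return 1
    echo "$new_id"
}
```

Call it as `replace_secret_client <pool-id> <old-client-id> <new-client-name>` and put the printed client id into your Cognito or Amplify configuration.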
