Unable to verify Secret Hash For Client AWS Error

# Unable to verify Secret Hash For Client AWS Error

The "Unable to verify Secret Hash for Client" error occurs in Cognito and Amplify requests when the App client of a User pool is configured with an App client Secret, but the secret is not provided when making API requests.

To solve the "Unable to verify Secret Hash for Client" error, create a new App client for your Cognito user pool and uncheck the Generate client secret checkbox.

To create a new App client without generating a client secret:.

1. Open the Cognito AWS Cognito console, click on Manage User Pools and select your user pool
2. In the sidebar click on App clients and verify if your App client secret field is populated

3. Scroll to the bottom of the page and click on Add another app client. Copy the configuration of your first App client, however, uncheck the Generate client secret checkbox

4. Once the App client without the secret is created you can delete your old app client. Only the app client without the secret should remain.

# Additional Resources

You can learn more about the related topics by checking out the following tutorials:

• AWS Amplify Auth with React - complete tutorial
• User Pool Attributes in AWS Cognito - Complete Guide
• AWS CDK Tutorial for Beginners - Step-by-Step Guide
• How to use Parameters in AWS CDK