I'm using AWS Cognito as the OAuth provider for a Zendesk support app. The OAuth flow completes successfully, and the ZIS token is correctly issued. However, after authentication, the browser shows:
"OAuth authentication has been completed successfully. You can close the current browser window and continue with the app installation page."
At this point, the window doesn't close, and the app setup page doesn't proceed.
Inspecting the HTML/JS, I see that window.opener is null, so window.opener.postMessage() fails, and the parent window isn't notified that authentication completed.
This issue does not occur with Azure AD, where everything works as expected. It seems specific to AWS Cognito.
Has anyone else experienced this behavior? Is there something Cognito is doing (e.g., setting Cross-Origin-Opener-Policy or using a redirect that breaks opener references) that could cause this?
Looking for guidance on how to ensure the OAuth window can communicate back to the parent page correctly when using AWS Cognito.