Gitlab Cognito : An error was encountered with the requested page

Hello,

I have an issue when i’m tried to connect my Gitlab CE instance to AWS Cognito User Pool. I search to identify my users with Cognito with oAuth2 protocol.

I have follow does instructions :

But if I use the cognito button on the login screen, cognito return to me “An error was encountered with the requested page.”

My gitlab instance is an EC2 instance in AWS and I communicate with him over a Classic Load Balancer.

My gitlab.rb configuration for oAuth with Cognito :

gitlab_rails['omniauth_allow_single_sign_on'] = ['cognito']
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_auto_link_user'] = ['cognito']
gitlab_rails['omniauth_providers'] = [
  {
    "name" => "cognito",
    # "label" => "Cognito",
    # "icon" => nil,   # Optional icon URL
    "app_id" => "5kq*********************",
    "app_secret" => "khva*******************************",
    "args" => {
      "scope" => "openid profile email",
      client_options: {
        'site' => 'https://myapplication.eu-west-1.amazoncognito.com',
        'authorize_url' => '/oauth2/authorize',
        'token_url' => '/oauth2/token',
        'user_info_url' => '/oauth2/userInfo'
      },
      user_response_structure: {
        root_path: [],
        id_path: ['sub'],
        attributes: { nickname: 'email', name: 'email', email: 'email' }
      },
      name: 'cognito',
      strategy_class: "OmniAuth::Strategies::OAuth2Generic"
    }
  }
]

My Cognito configuration :

Global configuration

How do you want your end users to sign in : Allow email addresses
Enable case insensitivity for username input : enable
Which standard attributes do you want to require : email

##App client conf
App client : Enable username password based authentication (ALLOW_USER_PASSWORD_AUTH)
Security configuration : Enabled

App clients settings

Enabled Identity Providers : Select all
Callback URL(s) : https://gitlab.mydomain.com/users/auth/cognito/callback/, https://clb-alias.eu-west-1.elb.amazonaws.com/users/auth/cognito/callback/
Sign out URL(s) : https://gitlab.mydomain.com

OAuth 2.0

Authorization code grant : enabled
email : enabled
openid : enabled
profile : enabled