我的目标是将Amazon Cognito与外部OpenID提供程序（在本例中为IdentityServer4）一起使用。问题是我使用了参考令牌，AWS并未对其进行验证以获取字段（我在日志中看不到对IdP的任何请求）。

这是我的客户：

  function OpenIDLogin() {

    let login_params = JSON.stringify(
      {
        "access_token": "{reference token}","expires_in": 3600,"token_type": "Bearer"
      }
    )
    console.log(login_params);
    AWS.config.region = 'us-east-1'; // Regione
    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
      IdentityPoolId: '{identity pool id}',Logins: {
        "{idp url}": login_params
      }
    });

    // Make the call to obtain credentials
    AWS.config.credentials.get(function () {
      // Credentials will be available when this function is called.
      accessKeyId = AWS.config.credentials.accessKeyId;
      secretaccessKey = AWS.config.credentials.secretaccessKey;
      sessionToken = AWS.config.credentials.sessionToken;
    });

  }

  OpenIDLogin();

错误代码如下：message: "Invalid login token. Not a valid OpenId Connect identity token." __type: "NotAuthorizedException"