We were able to fix this issue with the following steps:
1. Add the domain/subdomain and return URL to your Apple account.
2. Check the length of the domain in redirect_uri; it shouldn't be too long.
In our case, the domain length was 54 symbols, and it started working when we reduced it to 49 symbols. It looks like there is a limit to the domain name length of around 50 symbols.
It was easy to reach this limit since we use a Cognito domain with a prefix, and the prefix is attached to the quite long domain name ".auth.eu-central-1.amazoncognito.com".