Hey @Danny Rehelis , I'm having this exact same issue. For the group field what value are you putting there.

I'm getting 

We can't log you in right now

Please contact your administrator.

Technical details

 Could you tell me what values you are putting for the JIT fields? Below is what I have setup. 

Display Name :: ${given_name} ${family_name}

Email :: ${email}

Groups :: cognito:groups

JIT Scopes :: profile email

Hey @Kourtney Barnes , on our setup, `JIT scopes` is left empty.

I'd suggest enabling stack trace information in the error pages to understand what is behind that `Technical details` error.

https://confluence.atlassian.com/enterprise/saml-single-sign-on-for-atlassian-data-center-applications-857050705.html#SAMLsinglesign-onforAtlassianDataCenterapplications-authenticationscreen

(at the very bottom)

Thanks @Thiago Masutti 

Stack Trace:[hide]java.lang.NullPointerException at com.atlassian.plugins.au - Pastebin.com

Can you paste a screenshot of the OIDC configuration in Confluence?
You may redact some information if needed.

Sure thing @Thiago Masutti 

Thanks @Daniel 

On Username mapping you need to use ${sub} instead of just sub.
See if that works.

Have you manually added any information on the Additional settings section?
Have you faced any error when using the automatic configuration?

If so, check if you have access to to your Amazon Cognito tenant from the Confluence server.
Maybe running the following command will help with ensuring network connection is possible from the server.

telnet <your-tenant>.amazoncognito.com 443

Let us know the results.

Kind regards,
Thiago Masutti

I tried ${sub} before I used sub, that didn't change anything .

I manually added the information in additional settings because it couldn't recognize those automatically. I opened a thread about it earlier actually but thought it might be resolved thanks to editing everything manually. 

443 port seems to be open:

[ec2-user@confluence ~]$ nc -zv URL.auth.eu-west-1.amazoncognito.com 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to IP:443.
Ncat: 0 bytes sent, 0 bytes received in 0.02 seconds.

Just added a comment on the other thread  and it should fix this problem as well

@Thiago Masutti Thank you! Now it can fetch the info automatically, but I'm facing a new issue when I'm logging in.

I created a local user in my Cognito pool and when I login, I get the following error:

We can't log you in right now

Please contact your administrator.

Technical details

And here's a long list of errors: com.atlassian.plugins.authentication.impl.web.usercontext.impl.jit.JitException - Pastebin.com

That's great, @Daniel 

That issue is related to the JIT user provisioning feature.

What if you create the same user in the Confluence internal directory, disable JIT provisioning and try the authentication?

Note that you are using OIDC sub as the username mapping, so that should be the username in Confluence as well.

With this we will at least guarantee the authentication flow is working fine and then focus on JIT.

Kind regards,
Thiago Masutti