Solution #1: The FQDN (www.kabuter.io) worked with social federation, but the APEX domain (kabuter.io) failed at getting a token…
STEP 1: To get the APEX domain working, create an S3 bucket named exactly like the APEX domain (in my case kabuter.io) and enable static website hosting with a redirect to the FQDN (in my case https://www.kabuter.io).

STEP 2: Then create a CloudFront distribution with the Origin Domain Name set to <bucket-name>.s3.<aws-region>.amazonaws.com (in my case kabuter.io.s3.us-east-2.amazonaws.com). Provide the APEX domain (kabuter.io) in the Alternate Domain Names (CNAMEs) field.

STEP 3: Then take the Domain Name of the created CloudFront distribution and point your Route 53 APEX domain (kabuter.io) to it as an IPv4 Alias.
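
The three steps above expressed as the request bodies you would pass to the AWS CLI instead of clicking through the console. This is an added example, not part of the original post: the function names and the distribution domain dEXAMPLE12345.cloudfront.net are placeholders, and it assumes the `aws s3api put-bucket-website` and `aws route53 change-resource-record-sets` commands are used to apply the output.

```python
import json

# Fixed hosted zone ID Route 53 uses for every CloudFront alias target.
CLOUDFRONT_ZONE_ID = "Z2FDTNDATAQYW2"


def redirect_website_config(apex, fqdn):
    """STEP 1: --website-configuration for `aws s3api put-bucket-website --bucket <apex>`."""
    # Refuse a redirect target outside the apex domain (typo or wrong host).
    if not fqdn.endswith("." + apex):
        raise ValueError(f"{fqdn} is not a subdomain of {apex}")
    return {"RedirectAllRequestsTo": {"HostName": fqdn, "Protocol": "https"}}


def cloudfront_console_fields(apex, region):
    """STEP 2: the two console fields the post fills in (bucket name == apex)."""
    return {
        "Origin Domain Name": f"{apex}.s3.{region}.amazonaws.com",
        "Alternate Domain Names (CNAMEs)": [apex],
    }


def apex_alias_change_batch(apex, distribution_domain):
    """STEP 3: --change-batch for `aws route53 change-resource-record-sets`."""
    if not distribution_domain.endswith(".cloudfront.net"):
        raise ValueError("alias target must be the distribution's Domain Name")
    return {"Changes": [{
        "Action": "UPSERT",
        "ResourceRecordSet": {
            "Name": apex + ".",
            "Type": "A",  # IPv4 alias record
            "AliasTarget": {
                "HostedZoneId": CLOUDFRONT_ZONE_ID,
                "DNSName": distribution_domain + ".",
                "EvaluateTargetHealth": False,
            },
        },
    }]}


if __name__ == "__main__":
    apex, fqdn = "kabuter.io", "www.kabuter.io"
    dist = "dEXAMPLE12345.cloudfront.net"  # placeholder, not a real distribution
    for doc in (redirect_website_config(apex, fqdn),
                cloudfront_console_fields(apex, "us-east-2"),
                apex_alias_change_batch(apex, dist)):
        print(json.dumps(doc, indent=2))
```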

Solution #2: Update on the "FQDN works but APEX does not work" issue:
- ALIAS APEX name to your CloudFront distribution
- CNAME FQDN to APEX name