diff --git a/docs/resource_owners/amazon_cognito.md b/docs/resource_owners/amazon_cognito.md
index 64f004128..5ebb5a14f 100644
--- a/docs/resource_owners/amazon_cognito.md
+++ b/docs/resource_owners/amazon_cognito.md
@@ -21,7 +21,7 @@ hwi_oauth:
             scope:               "email openid" #needs to be enabled in cognito (profile, phone)
             options:
                 region: <pool_region>
-                domain: <pool_domain>
+                domain: <pool_domain> or <custom_domain> like https://yoursite.com 
 ```
 
 When you're done. Continue by configuring the security layer or go back to
diff --git a/src/OAuth/ResourceOwner/AmazonCognitoResourceOwner.php b/src/OAuth/ResourceOwner/AmazonCognitoResourceOwner.php
index bd964b35c..cf1dd9179 100644
--- a/src/OAuth/ResourceOwner/AmazonCognitoResourceOwner.php
+++ b/src/OAuth/ResourceOwner/AmazonCognitoResourceOwner.php
@@ -47,6 +47,10 @@ protected function configureOptions(OptionsResolver $resolver)
         ]);
 
         $normalizer = function (Options $options, $value) {
+            if (str_starts_with($options['domain'], 'https://') || str_starts_with($options['domain'], 'http://')) {
+                return str_replace('{base_url}', $options['domain'], $value);
+            }
+
             $baseUrl = \sprintf('https://%s.auth.%s.amazoncognito.com', $options['domain'], $options['region']);
 
             return str_replace('{base_url}', $baseUrl, $value);