diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go
index 8645aedbde..ef122629d9 100644
--- a/routers/web/auth/oauth.go
+++ b/routers/web/auth/oauth.go
@@ -539,7 +539,15 @@ func buildOIDCEndSessionURL(ctx *context.Context, doer *user_model.User) string
 // https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout
 params := endSessionURL.Query()
 params.Set("client_id", oauth2Cfg.ClientID)
- params.Set("post_logout_redirect_uri", httplib.GuessCurrentAppURL(ctx))
+
+ // AWS Cognito uses "logout_uri" instead of the standard "post_logout_redirect_uri"
+ redirectURI := httplib.GuessCurrentAppURL(ctx)
+ if oauth2Cfg.Provider == "cognito" {
+ params.Set("logout_uri", redirectURI)
+ } else {
+ params.Set("post_logout_redirect_uri", redirectURI)
+ }
+
 endSessionURL.RawQuery = params.Encode()
 return endSessionURL.String()
 }
diff --git a/services/auth/source/oauth2/providers_cognito.go b/services/auth/source/oauth2/providers_cognito.go
new file mode 100644
index 0000000000..5b064ce979
--- /dev/null
+++ b/services/auth/source/oauth2/providers_cognito.go
@@ -0,0 +1,25 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package oauth2
+
+// CognitoProvider is a GothProvider for AWS Cognito (based on OpenID Connect)
+type CognitoProvider struct {
+ OpenIDProvider
+}
+
+// Name provides the technical name for this provider
+func (c *CognitoProvider) Name() string {
+ return "cognito"
+}
+
+// DisplayName returns the friendly name for this provider
+func (c *CognitoProvider) DisplayName() string {
+ return "AWS Cognito"
+}
+
+var _ GothProvider = &CognitoProvider{}
+
+func init() {
+ RegisterGothProvider(&CognitoProvider{})
+}
diff --git a/web_src/js/features/admin/common.ts b/web_src/js/features/admin/common.ts
index f0c0f5bee6..734c7915e0 100644
--- a/web_src/js/features/admin/common.ts
+++ b/web_src/js/features/admin/common.ts
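Review bot: The Cognito branch in buildOIDCEndSessionURL (routers/web/auth/oauth.go) compares against the bare literal `"cognito"`, which has to stay identical to the value returned by CognitoProvider.Name() in providers_cognito.go and to the `case 'cognito':` label in common.ts; a shared Go constant used by both Name() and this comparison would keep the server side from drifting. Cognito only honours `logout_uri` when it exactly matches a sign-out URL registered on the app client, and redirectURI comes from httplib.GuessCurrentAppURL(ctx), which by its name is derived from the current request rather than from fixed configuration, so a differing forwarded host or a trailing slash would make logout fail at the identity provider. I would extend the comment to `// AWS Cognito uses "logout_uri" instead of the standard "post_logout_redirect_uri"; the value must exactly match a sign-out URL allowed on the Cognito app client`. The function starts above the hunk, so it is worth confirming that no earlier provider check there excludes "cognito", and that a test covers both parameter names.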
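Review bot: The type comment on CognitoProvider in services/auth/source/oauth2/providers_cognito.go does not say why a separate provider is needed when everything except Name() and DisplayName() is inherited from the embedded OpenIDProvider. I would write it as `// CognitoProvider is the OpenID Connect provider for AWS Cognito; it is a distinct type so that callers can select Cognito-specific behaviour, such as the "logout_uri" logout parameter, by its Name().` and add to the Name() comment that the returned string is matched literally in routers/web/auth/oauth.go and web_src/js/features/admin/common.ts. Any other code that special-cases the OpenID Connect provider by name will not apply to sources created with this provider unless it is extended too; those call sites are outside this diff, so this is a point to check rather than a confirmed gap.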
@@ -86,6 +86,7 @@ function initAdminAuthentication() {
 const provider = document.querySelector('#oauth2_provider')!.value;
 switch (provider) {
 case 'openidConnect':
+ case 'cognito':
 document.querySelector('.open_id_connect_auto_discovery_url input')!.setAttribute('required', 'required');
 showElem('.open_id_connect_auto_discovery_url');
 showElem('.open_id_connect_external_id_claim');
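Review bot: Adding `case 'cognito':` to the `openidConnect` branch makes the auto-discovery URL mandatory only in the browser, because the `required` attribute set here is a client-side check. If the server-side handling of the admin authentication form validates the discovery URL only when the provider is `openidConnect` (that code is not part of this diff), a Cognito source could be saved with an empty or malformed URL, so the same provider condition should be extended there. initAdminAuthentication and the switch statement both continue outside the hunk.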