matt
Reputation: 243
How do AWS Cognito Authentication tokens refresh
I am not understanding something about Amazon Cognito. If JWT tokens are only good for an hour, then they need to refresh, but how should my app do this? How does this happen? Do you just request new tokens and it remembers the session you are in? Also, do you store the JWT tokens in the state? I'm not understanding this, if anyone can help out I would appreciate it. Thanks!
Upvotes: 1
Views: 220
Answers (1)
qkhanhpro
Reputation: 5230
When asking for token, if the grant_type is authorization_code the token endpoint returns refresh_token
Sample:
HTTP/1.1 200 OK
Content-Type: application/json
{
"access_token":"eyJz9sdfsdfsdfsd",
"refresh_token":"dn43ud8uj32nk2je",
"id_token":"dmcxd329ujdmkemkd349r",
"token_type":"Bearer",
"expires_in":3600
}
Then you can exchange the refresh token at the token endpoint to get another token
POST https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/token >
Content-Type='application/x-www-form-urlencoded'
Authorization=Basic aSdxd892iujendek328uedj
grant_type=refresh_token&
client_id=djc98u3jiedmi283eu928&
refresh_token=REFRESH_TOKEN
Additional documentation can be found here
Upvotes: 1
Related Questions
- How can I force a cognito token refresh from the client
- How to remember & autorefresh login token when using Amazon Web Services Cognito Userpool?
- AWS Cognito - Access and refresh token
- Cognito Refresh Token Expires prematurely
- Cannot refresh session of cognito
- Cognito get new token after updating user attributes
- AWS Cognito refreshing tokens against a different user pool also returns valid tokens
- Aws Cognito no refresh token after login
- Refresh Token AWS Cognito User Pool
- AWS Cognito - How to update developer authenticated users token?