Cognito OAuth Non Expiring Token

Question

Does Cognito OAuth has an option to generate a non-expiring token when using authorization code grant type?

A customer wants to migrate their OAuth solution to Cognito and they have an OAuth authorization code grant type who provides a non expiring token to partners.  I have not found an option in Cognito to generate a non-expiring token.

Accepted Answer

By default the access and id token expire after 1 hour but Cognito User Pools also issues a refresh token which expires by default at 30 days and can be extended to 3650 days. You can then use the refresh token to get new id and access tokens. The expiration range for the refresh token should be sufficient for most use cases.

https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html

Is a non-expiring token really a good idea?

https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html

Is a non-expiring token really a good idea?

Cognito OAuth Non Expiring Token

관련 콘텐츠