Can you request a SHORTER token expiration in the InitiateAuth request for Cognito IDP?

In Cognito IDP, is it possible to request a SHORTER token expiration than what the App Client lifetime is? I have a need to generate a shorter life token. Is the way to do that to just create/use a second App client ID with a shorter lifetime?

Topics

Security, Identity, & Compliance

Tags

Amazon Cognito

Language

English

wz2b

asked a year ago225 views

1 Answer

Newest
Most votes
Most comments

Accepted Answer

Hi there!

Yes, you should create a new application to change the token expiration. When you create an application for your user pool, you can set the application's refresh token expiration to any value between 60 minutes and 10 years.

I hope this helps.

EXPERT

Jose Guay

answered a year ago

EXPERT

AWS-User-Nitin

reviewed a year ago

Relevant content

External IDP Tokens in Cognito User Pools
camiloking
asked 2 years ago
Cognito IdP: Include "nonce" token in "id_token"
AWS-User-3007764
asked 2 years ago
Exchange IdP tokens for Cognito tokens
Shruthi
asked 6 months ago
ECR:The security token included in the request is expired
rePost-User-9749730
asked a year ago
How do I revoke JWT tokens in Amazon Cognito using the AWS CLI?
AWS OFFICIALUpdated a year ago
How do I get IdP-issued OIDC or social identity tokens for Amazon Cognito user pools?
AWS OFFICIALUpdated 2 months ago
How do I resolve the error ‘The security token included in the request is expired’ when running Java applications on Amazon EC2?
AWS OFFICIALUpdated 2 years ago
How can I troubleshoot the AWS STS error “the security token included in the request is expired” when using the AWS CLI to assume an IAM role?
AWS OFFICIALUpdated 2 years ago
AWS Cognito Finally Supports Custom Claims for Access Tokens
EXPERT
Antonio_Lagrotteria
published a month ago
How to Rotate your External IdP Certificates in AWS IAM Identity Center (successor to AWS Single Sign-On) with Zero Downtime
EXPERT
Matt-B
published a year ago