2 Answers
- Newest
- Most votes
- Most comments
0
Hello,
From the question I understand that you would like to know what the quotas are for authorization_code and refresh_token grant types as the quotas documentation only specifically mentions an RPS limit for client_credentials.
In regards to the authorization_code and refresh_token the quotas for these two grant types would have the quota based of of user authentication for the InitiateAuth API call. This would mean that the default quota would be 120 RPS and is adjustable.
0
Hello,
Limits consumed when an application calls the Token endpoint with authorization code and refresh token grant type.
- Hosted UI sign-in, in both authorization code and implicit grant types, consumes UserAuthentication category limits.
- Requests to /oauth2/token endpoint for refresh_token grant consumes UserAuthentication category limits.
- Requests to /oauth2/token endpoint for authorization_code grant type has the same limits as UserAuthentication category but does not consume that category limits.
We've the updated the quotas documentation accordingly: https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html#category_operations
answered 5 months ago
Relevant content
- Accepted Answerasked 3 months ago
- asked 6 months ago
- asked a year ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
Ok, is this regardless of the initial used authentication method, federated or not? (We use OIDC federation)