1 Answer
- Newest
- Most votes
- Most comments
0
By default the access and id token expire after 1 hour but Cognito User Pools also issues a refresh token which expires by default at 30 days and can be extended to 3650 days. You can then use the refresh token to get new id and access tokens. The expiration range for the refresh token should be sufficient for most use cases.
Is a non-expiring token really a good idea?
Relevant content
- asked 3 years ago
- asked 4 months ago
- asked 10 months ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago