By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Amplify session expire/logout after using AWS SNS or AWS SES

0
  • Using SNS for notifications when content is uploaded to S3 via external Python script
  • Using SES for user feedback submission to email
  • Both of these features achieve the desired functionality
  • Amplify is used to manage the Auth flow of the user throughout the app
  • Sessions expire unexpectedly only after using SNS or SES features
  • Without using these features, users stay logged in after app termination

Environment:

  • iOS app with Amplify using swift
  • Cognito User/Identity Pools for authentication
  • AWS SNS and SES services requiring authorized users
  • Authorization using Cognito tokens from Identity Pool

Question: Could the AWS service configurations be causing authentication issues with AWS Amplify since they require authorised users via Cognito tokens?

1 Answer
1

Yes, the issue you're facing with the Amplify session expiring or the user getting logged out unexpectedly after using AWS SNS or AWS SES is likely due to the way the Cognito tokens are being used and managed across different services. Here are a few potential reasons why this might be happening:

Token Expiration and Renewal:

  • When you use Cognito tokens to authenticate with other AWS services like SNS and SES, the tokens have a limited lifespan.
  • If the Cognito tokens used by the SNS or SES service expire before the Amplify session is terminated, it can cause the Amplify session to expire as well.
  • Ensure that you're properly handling token expiration and renewal, both in your Amplify-based app and when interacting with other AWS services.

Cross-Service Token Management:

  • The Cognito tokens used by Amplify and the tokens used by the SNS or SES service may not be properly synchronized or managed across the different services.
  • This can lead to inconsistencies in the authentication state, causing the Amplify session to expire unexpectedly.

Credential Caching and Sharing:

  • Amplify may be caching or sharing the Cognito credentials in a way that is not compatible with the way the SNS or SES service is using them.
  • This can result in the Amplify session becoming invalidated or the user getting logged out.

To address these issues, you can try the following:

Implement Proper Token Expiration and Renewal:

  • Ensure that you're properly handling Cognito token expiration and renewal in your Amplify-based app.
  • Use the Amplify Auth module's currentAuthenticatedUser() and currentSession() methods to retrieve the latest token information and renew the tokens as needed.

Decouple Amplify and AWS Service Authentication:

  • Consider decoupling the authentication between your Amplify-based app and the AWS services (SNS and SES) by using separate sets of Cognito credentials.
  • This can help prevent any cross-service token management issues and keep the authentication states independent.

Investigate Amplify Credential Caching and Sharing:

  • Review the Amplify configuration and the way it's handling the Cognito credentials, especially when interacting with other AWS services.
  • Ensure that the credential caching and sharing mechanisms are not causing conflicts or invalidating the Amplify session.

Implement Robust Error Handling and Retry Mechanisms:

  • Implement robust error handling and retry mechanisms in your app to gracefully handle any authentication-related issues that may arise when using Amplify, SNS, or SES.
  • This can help your app recover from unexpected token expiration or authentication failures without causing the user to be logged out unexpectedly.
AWS
answered 9 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions