adminInitiateAuth and refresh tokens


We use the adminInitiateAuth API in our backend to authenticate our clients. We have deployed our Auth API endpoints using API Gateway and AWS Lambda with user pools.

A web app user authenticates with Cognito via our API, and the backend adminInitiateAuth call returns access, ID and refresh tokens. Then, when the user refreshes their tokens and passes the refresh token to our API, we see that adminInitiateAuth only returns an access and ID token and not a new refresh token.

How is the user expected to refresh the next time? Does a user only get one refresh?

There is NOTHING in the documentation as to why refreshing tokens via adminInitiateAuth does not return a new refresh token as well.

Anyone seen this and got any tips?

asked 5 years ago · 353 views
1 Answer

adminInitiateAuth never returns a new refresh token.

I misunderstood how refresh tokens work.

By increasing the expiry time of the refresh token, we can extend the amount of time before the user needs to fully log in again to obtain a new refresh token.

answered 5 years ago
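
A sketch of the backend refresh handler this thread implies, as an added example that is not code from the question or the answer: it calls the `REFRESH_TOKEN_AUTH` flow, keeps returning the original refresh token when the response has none, and turns a rejected refresh token into a "full login required" signal. `refresh_session`, `ReauthenticationRequired`, `FakeCognito` and the token values are hypothetical names and constructed data; an app client without a client secret is assumed.

```python
class ReauthenticationRequired(Exception):
    """Refresh token rejected; the user must log in fully again."""


def refresh_session(cognito, user_pool_id, client_id, refresh_token):
    """Exchange a refresh token for new access and ID tokens.

    `cognito` is a boto3 "cognito-idp" client or a stand-in with the same
    interface. Assumes an app client without a secret (no SECRET_HASH).
    """
    try:
        resp = cognito.admin_initiate_auth(
            UserPoolId=user_pool_id,
            ClientId=client_id,
            AuthFlow="REFRESH_TOKEN_AUTH",
            AuthParameters={"REFRESH_TOKEN": refresh_token},
        )
    except cognito.exceptions.NotAuthorizedException as exc:
        # Expired or revoked refresh token: only a full login helps now.
        raise ReauthenticationRequired("refresh token rejected") from exc
    result = resp["AuthenticationResult"]
    return {
        "access_token": result["AccessToken"],
        "id_token": result["IdToken"],
        "expires_in": result["ExpiresIn"],
        # When the response has no RefreshToken (the case in this thread),
        # the original one stays in use until it expires.
        "refresh_token": result.get("RefreshToken", refresh_token),
    }


class FakeCognito:
    """Constructed stand-in for the boto3 client so this runs offline."""

    class exceptions:
        class NotAuthorizedException(Exception):
            pass

    def __init__(self, valid_refresh_token):
        self.valid = valid_refresh_token
        self.calls = 0

    def admin_initiate_auth(self, **params):
        if params["AuthParameters"]["REFRESH_TOKEN"] != self.valid:
            raise self.exceptions.NotAuthorizedException("Invalid Refresh Token")
        self.calls += 1
        return {"AuthenticationResult": {
            "AccessToken": f"access-{self.calls}", "IdToken": f"id-{self.calls}",
            "ExpiresIn": 3600, "TokenType": "Bearer"}}
```

In a deployed Lambda, pass `boto3.client("cognito-idp")` in place of `FakeCognito` and map `ReauthenticationRequired` to a 401 so the web app sends the user back through the full login.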
