adminitiateauth and refresh tokens


We use the adminInitiateAuth API in our backend to authenticate our clients. We have deployed our Auth API endpoints using API gateway and AWS Lambda with User pools

A web app user authenticates with cognito via our api and the backend admininitiateauth call returns access, id & refresh tokens. Then when the user refreshes their tokens and passes the refresh token to our api we see that admininitiateauth only returns access & id token and not an new refresh token.

How is the user expected to refresh the next time? Does a user only get one refresh?

There is NOTHING in the documentation as you why refreshing tokens via admininitiateauth does not return a new refresh token as well.

Anyone seen this and got any tips?

asked 4 years ago71 views
1 Answer

adminitiateauth never returns a new refreshtoken

I misunderstood how the refreshtokens work.

By increasing expiry time of refreshtoken we can extend the amount of time before the user needs to fully login again to obtain a new refresh token

answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions