Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Refresh token validation

0

I receive access, id and refresh token from aws cognito. I can decode id and access token using jwt.io and also validate the signatures but for every refresh token it gives invalid signature. How can i validate the refresh token as i have to pass it in an API i created.

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
asked 3 years ago1.3K views
2 Answers
1

Hi,

According to AWS documentation, Amazon Cognito refresh tokens are encrypted, and can't be read by Amazon Cognito administrators or users, neither validate it. You should use it to get new tokens or revoke existing tokens.

EXPERT
answered 3 years ago
EXPERT
reviewed 3 years ago
0

In the documentation that Mikel refers to, there are details on "Storing tokens" after performing authentication with Amazon Cognito user pools. Once the authorization is complete, your application MUST be able to store the session token to allow for continued re-use until the token expires. A function for re-try and re-authentication on expiration in the application being implemented when the JWT expires. These are custom function implementation.

AWS
answered 3 years ago
EXPERT
reviewed 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content