By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cognito does not support the rotation of refresh tokens?

4

Hello, I would like to know if AWS supports the rotation of refresh tokens.

If not, why? Do you think to add this feature?

  • Chirag_R SUPPORT ENGINEER
    3 years ago

    Can I request you to accept this answer in the link ? It will help me alot. Thanks

Topics
Security, Identity, & ComplianceAWS Well-Architected Framework
Tags
Amazon CognitoSecurityAmazon Cognito User Pools
Language
English
Hugo C
asked 3 years ago3.4K views
1 Answer
1

Cognito doesn't support refresh token rotation. By increasing expiry time of refreshtoken we can extend the amount of time before the user needs to fully login again to obtain a new refresh token. I did found a 3rd party article regarding how to use the refresh token. [1]

Link- https://advancedweb.hu/how-to-use-the-refresh-token-with-cognito/ -- [1]

Regarding the feature request, I would recommend opening up a case with the AWS Support Team & work with them directly.

profile pictureAWS
SUPPORT ENGINEER
Chirag_R
answered 3 years ago
  • Hugo C
    3 years ago

    Thank you for your answer

    I will do this

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content