Cognito refresh token won't work.


Hello, We're using Amazon Cognito as the authentication system for our desktop java client. The login process is working fine. I was able to get the credential from the access token, and use the credential for services like S3, dynamoDB etc.
Now I noticed that Cognito access token only valid for an hour, and I'm trying to use the refresh token to get new access token, but I can't get it to work. I followed the instruction on about how to use the refresh token.

InitiateAuthRequest initiateAuthRequest = new InitiateAuthRequest()
initiateAuthRequest.addAuthParametersEntry("REFRESH_TOKEN", refreshToken);

Then passed the request to a cognitoIdentityProvider

InitiateAuthResult initiateAuthResult = cognitoIdentityProvider.initiateAuth(initiateAuthRequest);

But I'm getting a NotAuthorizedException, saying "Invalid Refresh Token.", I'm really confused about this error, because the refresh token is extracted from the same challenge result as the access token, and the access token obviously is working fine. Please help! Invalid Refresh Token. (Service: AWSCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: 94aa060a-78cd-11e9-912f-93b3dfdf29d1)

Edited by: yLi on May 17, 2019 11:48 AM

asked 4 years ago350 views
2 Answers

Did you ever figure this out - the question is marked answered, but I don't see an answer - I'm having the exact same problem - and it's very confusing. I have a test case that grabs the tokens from auth, and then tries refresh, and it immediately fails - it's very frustrating!

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions