Hello, We're using Amazon Cognito as the authentication system for our desktop java client. The login process is working fine. I was able to get the credential from the access token, and use the credential for services like S3, dynamoDB etc.
Now I noticed that Cognito access token only valid for an hour, and I'm trying to use the refresh token to get new access token, but I can't get it to work. I followed the instruction on https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html about how to use the refresh token.
InitiateAuthRequest initiateAuthRequest = new InitiateAuthRequest()
.withAuthFlow(AuthFlowType.REFRESH_TOKEN_AUTH)
.withClientId(CLIENTAPP_ID);
initiateAuthRequest.addAuthParametersEntry("REFRESH_TOKEN", refreshToken);
Then passed the request to a cognitoIdentityProvider
InitiateAuthResult initiateAuthResult = cognitoIdentityProvider.initiateAuth(initiateAuthRequest);
But I'm getting a NotAuthorizedException, saying "Invalid Refresh Token.", I'm really confused about this error, because the refresh token is extracted from the same challenge result as the access token, and the access token obviously is working fine. Please help!
com.amazonaws.services.cognitoidp.model.NotAuthorizedException: Invalid Refresh Token. (Service: AWSCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: 94aa060a-78cd-11e9-912f-93b3dfdf29d1)
Edited by: yLi on May 17, 2019 11:48 AM
AWS OFFICIALUpdated a year ago
