By using AWS re:Post, you agree to the Terms of Use

Questions tagged with Amazon EventBridge

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

0
answers
0
votes
31
views
asked 6 months ago

EventBridge API Destinations - Created Auth0 tokens are already expired

I think there is an issue with how auth tokens are being handled/supplied. When my event bus receives an event and my rule passes the event into my API Destination my API rejects the communication with a 403. After looking at the bearer token jwt, the token creation date iat value is set to the time the API Destination & connection was authorized, even hours later. The concept of bearer tokens are to be short lived and I would expect that the API Destination would request a new bearer token each time it is invoked. example: 1. I created an API Destination w/ a valid connection on Friday Apr 1 at 7am. 2. My bearer tokens have a 60 min TTL 3. My event bus receives a valid event on Friday Apr 1 at 730am 4. A rule sends the event into my API Destination which uses its token send the event to my API and it is successful 5. My event bus receives another valid event on Friday Apr 1 at 830am 6. A rule sends the event into my API Destination which uses its token send the event to my API and it fails. For step 4 & 6 above the token is identical. I would have expected the API destination to call the auth url with its credentials to get a new bearer token From what I can tell the JWT created time will always be this date/time here and I have been fully unable to get a valid & unexpired JWT created anytime after an hour from launching the API Destination. Two supporting images [here](https://photos.app.goo.gl/nkKJG6YpKuE31fQq5)
1
answers
1
votes
126
views
asked 6 months ago