Cognito OAuth Non Expiring Token

0

Does Cognito OAuth has an option to generate a non-expiring token when using authorization code grant type?

A customer wants to migrate their OAuth solution to Cognito and they have an OAuth authorization code grant type who provides a non expiring token to partners. I have not found an option in Cognito to generate a non-expiring token.

AWS
已提问 6 年前2227 查看次数
1 回答
0
已接受的回答

By default the access and id token expire after 1 hour but Cognito User Pools also issues a refresh token which expires by default at 30 days and can be extended to 3650 days. You can then use the refresh token to get new id and access tokens. The expiration range for the refresh token should be sufficient for most use cases.

https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html

Is a non-expiring token really a good idea?

AWS
专家
Greg
已回答 6 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则