1 回答
- 最新
- 投票最多
- 评论最多
0
RFC 9068 was published in October 2021 with these snippets in the Introduction setting the stage for standardization.
The original OAuth 2.0 Authorization Framework [RFC6749] specification does not mandate any specific format for access tokens. [...] This specification aims to provide a standardized and interoperable profile as an alternative to the proprietary JWT access token layouts going forward.
If you need to determine if a token is an access token, Amazon Cognito issued JWTs include a token_use claim as part of the payload with the value access or id (see Using the access token ).
已回答 2 个月前
相关内容
AWS 官方已更新 1 年前- AWS 官方已更新 1 年前
Is there a plan for Cognito to adhere to the JWT spec or will it continue with it's proprietary implementation? It is currently incompatible with tooling that adheres to RFC9068
Jon - please contact your AWS account team about Cognito feature roadmap. Share this link and let them know to contact me for additional background.