Obtaining new Access and Refresh Token in case of Device Authorization Grant with AWS Cognito

0

We are implementing the Device Authorization Grant with AWS Cognito using the information provided in this AWS Blog - Implement OAuth 2.0 device grant flow by using Amazon Cognito and AWS Lambda. Related to this setup, what is the way to get a new access token and refresh token using the current refresh token? What is the endpoint to which the request has to be sent? A sample request and response for this flow would be helpful.

Pradhan
asked a month ago62 views
2 Answers
1
Accepted Answer

You need to send a POST request with your refresh token to the Cognito token endpoint.

ℹ️ In the previous link you will find some examples of requests and responses

profile picture
EXPERT
answered a month ago
profile picture
EXPERT
reviewed 2 days ago
1

Thank you, @Osvaldo Marte.

Request:

curl --location 'https://{your-cognito-domain}.auth.{aws-region}.amazoncognito.com/oauth2/token' \
--header 'Authorization: Basic {Base64Encode(client_id:client_secret)}' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token={your_refresh_token}'

The response will be:

{
    "id_token": "{id_token}",
    "access_token": "{access_token}",
    "expires_in": 3600,
    "token_type": "Bearer"
}
Pradhan
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions