You can reduce the token expiration time of your Cognito user pool in the App client settings under Token Configuration. The minimum value is 1 minute, so if you need a shorter time, you'll need to use another authorization service. Additionally, you can revoke a user's access token at any time by using the AdminInitiateAuth API action with the "REVOKE_ACCESS" token challenge. This would prevent the token from being used for further API requests until the user logs in again and receives a new token.
No, AWS Cognito authorizer alone is not enough to ensure safe control of one-time use access to an API Gateway. Additional measures such as time-based policies or unique tokens would need to be implemented to prevent replay attacks and ensure the secure usage of the API.
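The "unique tokens" measure mentioned in the answer above can be sketched as a single-use check on the token's ID. This is an added example, not part of the original answers and not AWS code: the class name, the 60-second window and the in-memory dict are assumptions, and the claims are assumed to have already passed signature verification and to carry the standard JWT `jti`, `iat` and `exp` fields.

```python
import time


class OneTimeTokenGuard:
    """Allows each token ID (jti) to authorize at most one request."""

    def __init__(self, max_age_seconds=60, clock=time.time):
        self.max_age = max_age_seconds
        self.clock = clock
        # jti -> time after which the token fails the age/expiry checks anyway.
        # In-memory stand-in: several authorizer instances would need a shared
        # store with an atomic "insert if absent" operation instead.
        self._seen = {}

    def _purge(self, now):
        # Drop only entries that are strictly past their deadline, so a token
        # is never forgotten while it could still pass the checks below.
        for jti in [j for j, deadline in self._seen.items() if deadline < now]:
            del self._seen[jti]

    def check(self, claims):
        """Return (allowed, reason) for already signature-verified claims."""
        now = self.clock()
        self._purge(now)
        jti, iat, exp = claims.get("jti"), claims.get("iat"), claims.get("exp")
        if not jti or not isinstance(iat, (int, float)) \
                or not isinstance(exp, (int, float)):
            return False, "missing jti/iat/exp"
        if now >= exp:
            return False, "expired"
        if now - iat > self.max_age:
            return False, "older than one-time window"
        if jti in self._seen:
            return False, "replay"
        self._seen[jti] = min(exp, iat + self.max_age)
        return True, "ok"


if __name__ == "__main__":
    guard = OneTimeTokenGuard()
    now = int(time.time())
    # Constructed sample claims, not taken from a real token.
    sample = {"jti": "example-id-1", "iat": now, "exp": now + 3600}
    print(guard.check(sample))  # first use
    print(guard.check(sample))  # same token presented again
```
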