You can reduce the token expiration time of your Cognito user pool in the App client settings under Token Configuration. The minimum value is 1 minute, so if you need a shorter time, you'll need to use another authorization service. Additionally, you can revoke a user's access token at any time by using the AdminInitiateAuth API action with the "REVOKE_ACCESS" token challenge. This would prevent the token from being used for further API requests until the user logs in again and receives a new token.
No, AWS Cognito authorizer alone is not enough to ensure safe control of one-time use access to an API Gateway. Additional measures such as time-based policies or unique tokens would need to be implemented to prevent replay attacks and ensure the secure usage of the API.
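One way to add the "unique tokens" measure mentioned above, as an added example that is not part of the original answers or any AWS code: a guard that accepts each token once, keyed on its `jti` claim. It assumes the token's signature was already verified upstream (for example by the Cognito authorizer) and that the token carries `jti` and `exp`; the class and function names are hypothetical, and the in-memory dict stands in for a shared store with an atomic "insert if absent" write.

```python
import base64
import json
import threading
import time


class OneTimeTokenGuard:
    """Accept each already-verified JWT at most once, keyed on its `jti` claim."""

    def __init__(self, clock=time.time):
        self._seen = {}  # jti -> exp; stand-in for a shared store (assumption)
        self._lock = threading.Lock()
        self._clock = clock

    def consume(self, claims):
        now = self._clock()
        jti, exp = claims.get("jti"), claims.get("exp")
        if not jti or not isinstance(exp, (int, float)):
            return False, "missing jti or exp"
        if exp <= now:
            return False, "expired"
        with self._lock:
            # Drop records for tokens that have expired; they are rejected above anyway.
            for old in [k for k, e in self._seen.items() if e <= now]:
                del self._seen[old]
            if jti in self._seen:
                return False, "replayed"
            self._seen[jti] = exp  # check and insert happen under one lock
        return True, "ok"


def jwt_claims(token):
    """Decode the JWT payload. Does NOT verify the signature (assumed done upstream)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def make_sample_token(claims):
    """Build a constructed sample token with a placeholder signature (demo input only)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.placeholder-signature"
```

Because records are kept only until `exp`, a shorter token lifetime keeps the replay store smaller.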