Cognito - Invalidate access token, when we having multiple access token in a short time

We can create an access token and refresh the token using the Cognito user pool (assume the access token timeout is set to 30 Minutes).

Usecase: Generated token two times one after another (T1, T2) as per the Cognito user pool system, both are valid for the next 30 minutes from the created time.

Output: Both tokens are valid for the next 30 minutes.

Expected Behavior: Once T2 is created, T1 must be an invalid token / expired.

Note: You can create T2 from the refresh token or else you can create a new access and refresh token, both having the same result as mentioned above.

How we can manage the tokenization approach in Cognito to overcome this issue? Is there any way or feature in Cognito to achieve this feature?

Topics

Security, Identity, & Compliance AWS Well-Architected Framework

Relevant content

Can i use Id token, access token, refresh token in User pool to identity pool?
AWS-User-5056974
asked 2 years ago
Personal Access Token using Cognito
AlbertH
asked 6 months ago
AWS Cognito Federated IDP - refresh access token
PD
asked 6 months ago
Does Cognito's RevokeToken API call invalidate Access Tokens and/or Id Tokens and/or Refresh Tokens?
aaronmaxcarver
asked 2 years ago
How do I troubleshoot an "Invalid Refresh Token" error from my Amazon Cognito user pool API?
AWS OFFICIALUpdated a year ago
How can I decode and verify the signature of an Amazon Cognito JSON Web Token?
AWS OFFICIALUpdated 2 years ago
How do I revoke refresh tokens issued by Amazon Cognito?
AWS OFFICIALUpdated a year ago
How do I revoke JWT tokens in Amazon Cognito using the AWS CLI?
AWS OFFICIALUpdated a year ago
AWS Cognito Finally Supports Custom Claims for Access Tokens
EXPERT
Antonio_Lagrotteria
published a month ago
Troubleshooting "The Access Key ID or Security Token is Invalid" Error after Upgrading DynamoDB Local to Version 2.0.0 / 1.23.0 or Greater
EXPERT
Leeroy Hannigan
published 10 months ago