By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cognito OAuth Non Expiring Token

0

Does Cognito OAuth has an option to generate a non-expiring token when using authorization code grant type?

A customer wants to migrate their OAuth solution to Cognito and they have an OAuth authorization code grant type who provides a non expiring token to partners. I have not found an option in Cognito to generate a non-expiring token.

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
AWS
AWS-User-2199635
asked 6 years ago2343 views
1 Answer
0
Accepted Answer

By default the access and id token expire after 1 hour but Cognito User Pools also issues a refresh token which expires by default at 30 days and can be extended to 3650 days. You can then use the refresh token to get new id and access tokens. The expiration range for the refresh token should be sufficient for most use cases.

https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html

Is a non-expiring token really a good idea?

AWS
EXPERT
Greg
answered 6 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content