How to expire Cognito App credentials

Question

I have created a Cognito pool and an app. I want the ClientID and ClienrSecret to be expired in 10days from the date of creations. How do I do it?

Accepted Answer

Hi,

According to the [AWS documentation](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html), you can't change secrets after you create an app, so you will need to create a new app with a new secret if you want to rotate the secret.

A cost effective solution could be to embed this logic into an AWS Lambda function and schedule the execution [using EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-run-lambda-schedule.html).

How to expire Cognito App credentials

相關內容