You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The AWS documentation says "The ID token expires one hour after the user authenticates. You should not process the ID token in your client or web API after it has expired." Taking into account the above statement, it still OK to use ID token in your code?
The text was updated successfully, but these errors were encountered:
We currently do not support refresh tokens and leave that up to the client (typically a webapp / mobile app).
The way the library is currently setup / used in-house is purely to authenticate / authorise request based on a JWT containing the ID Token. The mobile app (that also handles login / signup) is responsible for validating the ID token and refreshing it if needed
We can look into supporting Cognito refresh tokens also ... if you have any suggestions / use-cases feel free...
The AWS documentation says "The ID token expires one hour after the user authenticates. You should not process the ID token in your client or web API after it has expired." Taking into account the above statement, it still OK to use ID token in your code?
The text was updated successfully, but these errors were encountered: