How to get REFRESH_TOKEN_AUTH request to return RefreshToken The Next CEO of Stack OverflowIs this auth flow possible with Amazon Cognito Identity and User PoolAWS - Cognito Identity with nodejs - What to do with tokensDoes the SES email quota apply to verification mail by Amazon Cognito?How to authenticate a cognito user with access token and id tokenJS AWS Cognito Sign up and link social providerCognito User Pool - Linked providers how to authenticateGet identity provider oauth tokens in AWS cognito user poolCognito Facebook social login with Angular 6: How to use returned code to authenticate user in amplify AuthCannot refresh session of cognitoContinue with custom auth flow after NEW_PASSWORD_REQUIRED challenge is answered in AWS Cognito
Incomplete cube
Could a dragon use hot air to help it take off?
How seriously should I take size and weight limits of hand luggage?
Is the 21st century's idea of "freedom of speech" based on precedent?
How did scripture get the name bible?
Free fall ellipse or parabola?
What does this strange code stamp on my passport mean?
Find a path from s to t using as few red nodes as possible
Why do we say “un seul M” and not “une seule M” even though M is a “consonne”?
Would a grinding machine be a simple and workable propulsion system for an interplanetary spacecraft?
My boss doesn't want me to have a side project
Is the offspring between a demon and a celestial possible? If so what is it called and is it in a book somewhere?
What happens if you break a law in another country outside of that country?
Why does sin(x) - sin(y) equal this?
Small nick on power cord from an electric alarm clock, and copper wiring exposed but intact
What is a typical Mizrachi Seder like?
That's an odd coin - I wonder why
What difference does it make matching a word with/without a trailing whitespace?
How to show a landlord what we have in savings?
How exploitable/balanced is this homebrew spell: Spell Permanency?
Mathematica command that allows it to read my intentions
Compensation for working overtime on Saturdays
Does Germany produce more waste than the US?
What is the difference between 'contrib' and 'non-free' packages repositories?
How to get REFRESH_TOKEN_AUTH request to return RefreshToken
The Next CEO of Stack OverflowIs this auth flow possible with Amazon Cognito Identity and User PoolAWS - Cognito Identity with nodejs - What to do with tokensDoes the SES email quota apply to verification mail by Amazon Cognito?How to authenticate a cognito user with access token and id tokenJS AWS Cognito Sign up and link social providerCognito User Pool - Linked providers how to authenticateGet identity provider oauth tokens in AWS cognito user poolCognito Facebook social login with Angular 6: How to use returned code to authenticate user in amplify AuthCannot refresh session of cognitoContinue with custom auth flow after NEW_PASSWORD_REQUIRED challenge is answered in AWS Cognito
I am using Amazon Cognito to login users and save a RefreshToken
so they don't have to type their password after the initial setup. I need to be able to login with the RefreshToken
and get a new RefreshToken
to save for next time. However, when I call InitiateAuthAsync
, it does not return the RefreshToken
.
C#:
var refreshReq = new InitiateAuthRequest();
refreshReq.ClientId = _clientId;
refreshReq.AuthFlow = AuthFlowType.REFRESH_TOKEN_AUTH;
refreshReq.AuthParameters.Add("SECRET_HASH",
SecretHash(_clientId, _clientSecret, username));
refreshReq.AuthParameters.Add("REFRESH_TOKEN", refreshToken);
var clientResp = cognitoProvider.InitiateAuthAsync(refreshReq).Result;
Response:
"AuthenticationResult":
"AccessToken": "<accessToken>",
"ExpiresIn": 3600,
"IdToken": "<idToken>",
"TokenType": "Bearer"
,
"ChallengeParameters":
And this is the response from the login with a working ResponseToken:
"AuthenticationResult":
"AccessToken": "<accessToken>",
"ExpiresIn": 3600,
"IdToken": "<idToken>",
"RefreshToken": "<refreshToken>",
"TokenType": "Bearer"
,
"ChallengeParameters":
c#-4.0 amazon-cognito
add a comment |
I am using Amazon Cognito to login users and save a RefreshToken
so they don't have to type their password after the initial setup. I need to be able to login with the RefreshToken
and get a new RefreshToken
to save for next time. However, when I call InitiateAuthAsync
, it does not return the RefreshToken
.
C#:
var refreshReq = new InitiateAuthRequest();
refreshReq.ClientId = _clientId;
refreshReq.AuthFlow = AuthFlowType.REFRESH_TOKEN_AUTH;
refreshReq.AuthParameters.Add("SECRET_HASH",
SecretHash(_clientId, _clientSecret, username));
refreshReq.AuthParameters.Add("REFRESH_TOKEN", refreshToken);
var clientResp = cognitoProvider.InitiateAuthAsync(refreshReq).Result;
Response:
"AuthenticationResult":
"AccessToken": "<accessToken>",
"ExpiresIn": 3600,
"IdToken": "<idToken>",
"TokenType": "Bearer"
,
"ChallengeParameters":
And this is the response from the login with a working ResponseToken:
"AuthenticationResult":
"AccessToken": "<accessToken>",
"ExpiresIn": 3600,
"IdToken": "<idToken>",
"RefreshToken": "<refreshToken>",
"TokenType": "Bearer"
,
"ChallengeParameters":
c#-4.0 amazon-cognito
add a comment |
I am using Amazon Cognito to login users and save a RefreshToken
so they don't have to type their password after the initial setup. I need to be able to login with the RefreshToken
and get a new RefreshToken
to save for next time. However, when I call InitiateAuthAsync
, it does not return the RefreshToken
.
C#:
var refreshReq = new InitiateAuthRequest();
refreshReq.ClientId = _clientId;
refreshReq.AuthFlow = AuthFlowType.REFRESH_TOKEN_AUTH;
refreshReq.AuthParameters.Add("SECRET_HASH",
SecretHash(_clientId, _clientSecret, username));
refreshReq.AuthParameters.Add("REFRESH_TOKEN", refreshToken);
var clientResp = cognitoProvider.InitiateAuthAsync(refreshReq).Result;
Response:
"AuthenticationResult":
"AccessToken": "<accessToken>",
"ExpiresIn": 3600,
"IdToken": "<idToken>",
"TokenType": "Bearer"
,
"ChallengeParameters":
And this is the response from the login with a working ResponseToken:
"AuthenticationResult":
"AccessToken": "<accessToken>",
"ExpiresIn": 3600,
"IdToken": "<idToken>",
"RefreshToken": "<refreshToken>",
"TokenType": "Bearer"
,
"ChallengeParameters":
c#-4.0 amazon-cognito
I am using Amazon Cognito to login users and save a RefreshToken
so they don't have to type their password after the initial setup. I need to be able to login with the RefreshToken
and get a new RefreshToken
to save for next time. However, when I call InitiateAuthAsync
, it does not return the RefreshToken
.
C#:
var refreshReq = new InitiateAuthRequest();
refreshReq.ClientId = _clientId;
refreshReq.AuthFlow = AuthFlowType.REFRESH_TOKEN_AUTH;
refreshReq.AuthParameters.Add("SECRET_HASH",
SecretHash(_clientId, _clientSecret, username));
refreshReq.AuthParameters.Add("REFRESH_TOKEN", refreshToken);
var clientResp = cognitoProvider.InitiateAuthAsync(refreshReq).Result;
Response:
"AuthenticationResult":
"AccessToken": "<accessToken>",
"ExpiresIn": 3600,
"IdToken": "<idToken>",
"TokenType": "Bearer"
,
"ChallengeParameters":
And this is the response from the login with a working ResponseToken:
"AuthenticationResult":
"AccessToken": "<accessToken>",
"ExpiresIn": 3600,
"IdToken": "<idToken>",
"RefreshToken": "<refreshToken>",
"TokenType": "Bearer"
,
"ChallengeParameters":
c#-4.0 amazon-cognito
c#-4.0 amazon-cognito
edited Mar 8 at 20:18
Rachel Martin
asked Mar 8 at 19:33
Rachel MartinRachel Martin
165314
165314
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
The refresh token is a long-lived token and there's no point returning it as it's still valid for many days. If the default 30-day expiry time is not long enough you can increase it to up to 3650 days.
Of course there's a point in returning a new token! After 30 days (actually 28 because of February), my users had to re-enter their password, which they don't remember after a month. I hesitate to make this the answer, though, since the answer is that it's broken.
– Rachel Martin
Mar 14 at 15:36
add a comment |
Apparently this is a bug in the AWS Cognito API. The docs say that InitiateAuth
should return an updated RefreshToken, but it does not.
add a comment |
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55069851%2fhow-to-get-refresh-token-auth-request-to-return-refreshtoken%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
The refresh token is a long-lived token and there's no point returning it as it's still valid for many days. If the default 30-day expiry time is not long enough you can increase it to up to 3650 days.
Of course there's a point in returning a new token! After 30 days (actually 28 because of February), my users had to re-enter their password, which they don't remember after a month. I hesitate to make this the answer, though, since the answer is that it's broken.
– Rachel Martin
Mar 14 at 15:36
add a comment |
The refresh token is a long-lived token and there's no point returning it as it's still valid for many days. If the default 30-day expiry time is not long enough you can increase it to up to 3650 days.
Of course there's a point in returning a new token! After 30 days (actually 28 because of February), my users had to re-enter their password, which they don't remember after a month. I hesitate to make this the answer, though, since the answer is that it's broken.
– Rachel Martin
Mar 14 at 15:36
add a comment |
The refresh token is a long-lived token and there's no point returning it as it's still valid for many days. If the default 30-day expiry time is not long enough you can increase it to up to 3650 days.
The refresh token is a long-lived token and there's no point returning it as it's still valid for many days. If the default 30-day expiry time is not long enough you can increase it to up to 3650 days.
answered Mar 12 at 11:59
TomaszTomasz
362
362
Of course there's a point in returning a new token! After 30 days (actually 28 because of February), my users had to re-enter their password, which they don't remember after a month. I hesitate to make this the answer, though, since the answer is that it's broken.
– Rachel Martin
Mar 14 at 15:36
add a comment |
Of course there's a point in returning a new token! After 30 days (actually 28 because of February), my users had to re-enter their password, which they don't remember after a month. I hesitate to make this the answer, though, since the answer is that it's broken.
– Rachel Martin
Mar 14 at 15:36
Of course there's a point in returning a new token! After 30 days (actually 28 because of February), my users had to re-enter their password, which they don't remember after a month. I hesitate to make this the answer, though, since the answer is that it's broken.
– Rachel Martin
Mar 14 at 15:36
Of course there's a point in returning a new token! After 30 days (actually 28 because of February), my users had to re-enter their password, which they don't remember after a month. I hesitate to make this the answer, though, since the answer is that it's broken.
– Rachel Martin
Mar 14 at 15:36
add a comment |
Apparently this is a bug in the AWS Cognito API. The docs say that InitiateAuth
should return an updated RefreshToken, but it does not.
add a comment |
Apparently this is a bug in the AWS Cognito API. The docs say that InitiateAuth
should return an updated RefreshToken, but it does not.
add a comment |
Apparently this is a bug in the AWS Cognito API. The docs say that InitiateAuth
should return an updated RefreshToken, but it does not.
Apparently this is a bug in the AWS Cognito API. The docs say that InitiateAuth
should return an updated RefreshToken, but it does not.
answered Mar 14 at 15:27
Rachel MartinRachel Martin
165314
165314
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55069851%2fhow-to-get-refresh-token-auth-request-to-return-refreshtoken%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown