Posted On: Aug 12, 2020
Amazon Cognito User Pools now enables customers to choose how long their access and refresh tokens should be valid. Access tokens can be configured to expire in as little as five minutes or as long as 24 hours. Refresh tokens can be configured to expire in as little as one hour or as long as ten years. These customizations enable Amazon Cognito customers to balance the security and usability of each application they develop.
Amazon Cognito User Pools provide a secure user directory that scales to millions of users. As a fully managed service, User Pools provide an identity and authentication layer to applications.
Customization of token expiration is available in all regions where Amazon Cognito operates. For a list of regions where Amazon Cognito is available, see the AWS Region table. To learn more about Amazon Cognito, visit the documentation. To get started, visit the Amazon Cognito home page.