AWS Cognito: Update JWT ID Token When User Attribute Changes

I want to add a specific attribute to the token payload. This attribute changes rarely (once a month); however, I would like tokens to be updated immediately after this change.

WORKFLOW

In a web / mobile application, the user opens the profile view and changes the X attribute. The current value of this attribute is also stored in the ID token. Therefore, when the user submits the changes, the new value of X must be stored on the backend and should replace the old value in the ID token. This is important because the X attribute determines whether the user can or cannot do certain things in the application.

What does Cognito do when the payload attribute changes? Does it send a new version of the JWT ID token on the next request?

Should I use a refresh token? Or am I forced to log out and log in?

1 answer

Refreshing the token would be more appropriate in this use case. Currently, the refresh token flow is not exposed in the high-level SDKs for user pools, because it is performed behind the scenes by the SDK. At this point, you may need to call the refresh token flow from the low-level SDK to get around this. (I'm a developer from Amazon Cognito; we will look at this as a feature request to expose this in our high-level SDKs.)

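The refresh flow the answer points to, written as a direct call to the Cognito `InitiateAuth` API. This is an added example, not code from the answer or from an AWS SDK. It assumes Node 18+, an app client without a client secret, and placeholder values for the region, client ID and claim name.

```javascript
// Placeholders (assumptions, not values from the page).
const REGION = "us-east-1";            // region of the user pool
const CLIENT_ID = "example-client-id"; // app client configured without a secret

// Build the unsigned InitiateAuth request for the REFRESH_TOKEN_AUTH flow.
function buildRefreshRequest(refreshToken, region = REGION, clientId = CLIENT_ID) {
  return {
    url: `https://cognito-idp.${region}.amazonaws.com/`,
    init: {
      method: "POST",
      headers: {
        "Content-Type": "application/x-amz-json-1.1",
        "X-Amz-Target": "AWSCognitoIdentityProviderService.InitiateAuth",
      },
      body: JSON.stringify({
        AuthFlow: "REFRESH_TOKEN_AUTH",
        ClientId: clientId,
        AuthParameters: { REFRESH_TOKEN: refreshToken },
      }),
    },
  };
}

// Decode (not verify) a JWT payload so the client can inspect its claims.
function decodeClaims(jwt) {
  const parts = jwt.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  return JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
}

// Call this after the attribute update has succeeded: exchange the refresh
// token for new tokens and reject an ID token that still has the old value.
async function refreshAfterAttributeChange(refreshToken, claim, expected) {
  const { url, init } = buildRefreshRequest(refreshToken);
  const res = await fetch(url, init);
  if (!res.ok) throw new Error(`InitiateAuth failed: HTTP ${res.status}`);
  const { AuthenticationResult: result } = await res.json();
  if (decodeClaims(result.IdToken)[claim] !== expected) {
    throw new Error(`ID token still carries a stale ${claim}`);
  }
  return result; // contains IdToken, AccessToken, ExpiresIn, TokenType
}
```

The previously issued ID token stays valid until its `exp`, so a backend that authorizes on X should verify the token signature and, for sensitive actions, check the stored attribute rather than rely on the client discarding the old token.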

Source: https://habr.com/ru/post/1268463/

