We authenticate with an id token on AWS cognito.
If the token expires, we are planning to reissue the id token using the refresh token to continue the http request.
When trying to achieve the above, is it best practice to keep the id token in the client's cookie (memory) and request the server (aws) to reissue the id using the refresh token once it has expired?
However, in that case, I have to check the expiration date of the id token before every http request, so I was wondering if that would be a good idea.
I don't have the code at hand, so I remember vaguely, but if you call Cognito's getSession method, they will refresh you if necessary.
Also, this is a vague recollection, you should not be able to refresh without calling useCodeGrantFlow.
Try using these as keywords.
© 2024 OneMinuteCode. All rights reserved.