0

In my application I have used aws cognito with next auth for user auth.

In the jwt callback that I have from api next-auth I receive an access token, which is then saved and sent to the client side. There, I save it in local storage and, among other things, I send it to my api which checks if it is correct.

The problem is that after an hour the access token expires and does not get a new one (always next-auth gives me old value). Has anyone had a similar flow and knows how to manage a session refresh? I will add that I am not automatically logged out because next-auth is managing it underneath, but it does not return the value of the new access token to me.

Do you have any ways how to manage this?

juliomalves
  • 42,130
  • 20
  • 150
  • 146
yazpid
  • 135
  • 2
  • 18

1 Answers1

0

I can suggest a workaround that would take the least effort to solve this quickly. Amazon Cognito contains 3 kinds of tokens, the ID Token, Access Token and Refresh Token.

From the Amazon Cognito console, you can increase the validity of the token you're dealing with from there. A good idea is to refer to this answer.

Albeit you might need a couple of methods to assert security and robustness.

Arka Mukherjee
  • 2,083
  • 1
  • 13
  • 27
  • Arka Mukherjee thx for your answer. Do you know why I cannot receive valid `access token` if old one is expired ? It's strange for me. Do you suggest to me use `Id Token` instead of `Access token` ? – yazpid Nov 08 '21 at 20:02