How I can make AWS cognito access token from JWT to opaque symmetric token?

Question

I'm using AWS cognito in google account linking in smart home skills. In documentation of google smart home suite JWT format access token is not recommended. If a JWT format is found, the following warning is displayed: The access token seems to be JWT, this is not good. Because it unnecessarily exposes information about partner implementation an we recommend opaque symmetric encrypted access token. LINK

How we can overcome this problem. How we can customise authorisation flow in AWS cognito

score 0 · Answer 1 · answered Mar 14 '23 at 02:48

Smart Home Test Suite conducts set of tests for OAuth 2.0 validation. It checks whether access token has JWT format. This type of access token is not recommended as it contains info other than necessary credentials. You can find another library or system from AWS that doesn’t generate JWT but uses generic access token instead, or you can use VPS(virtual private server) and run your account linking system on it and provide the endpoints to Google.

How I can make AWS cognito access token from JWT to opaque symmetric token?

1 Answers1