- Newest
- Most votes
- Most comments
Hello
You are right, as of today the best way to do this is to implement a lambda trigger, as described in this doc : https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html
Best regards Serge
Hello there,
I understand that you would like to know if there is an existing functionality with Cognito to implement proof-of-possession to secure OAuth tokens sent from the client to Cognito authentication backend against replay attacks.
At the moment, AWS Cognito does not have a native functionality to implement proof-of-possession to secure OAuth tokens sent from the client to Cognito authentication backend.
However, as you pointed out correctly the above use case can be achieved by implementing authentication Lambdas/ Lambda triggers on your Cognito Userpools. The below document elaborates more on integration of Lambda triggers with Cognito userpools.
Additionally, Cognito now supports customisation of access tokens via a Lambda trigger. The below article give more details on the same and how to achieve your requirement with a Pre token generation Lambda trigger.
Relevant content
- asked a year ago
- Accepted Answerasked 3 years ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 6 months ago