
AWS Cognito User Pool Client: Updating RefreshTokenValidity without losing callback URLs

I have a Cognito user pool client application that is integrated with another application, and I need to increase the RefreshTokenValidity using CloudFormation YAML. However, whenever I update the RefreshTokenValidity property, all the callback URLs that were previously added during authentication get deleted.
Here’s a snippet of my CloudFormation YAML:
DemoCognitoOpenIdClient:
  Type: AWS::Cognito::UserPoolClient
  Properties:
    UserPoolId: !Ref CognitoUserPool
    ClientName: DemoCognitoOpenIdClient
    GenerateSecret: true
    ExplicitAuthFlows:
      - ALLOW_REFRESH_TOKEN_AUTH
      - ALLOW_USER_SRP_AUTH
      - ALLOW_CUSTOM_AUTH
      - ALLOW_USER_PASSWORD_AUTH
      - ALLOW_ADMIN_USER_PASSWORD_AUTH
    AllowedOAuthFlowsUserPoolClient: true
    AllowedOAuthScopes:
      - openid
      - phone
      - email
    TokenValidityUnits:
      AccessToken: hours
      IdToken: hours
      RefreshToken: days
    AuthSessionValidity: 3
    RefreshTokenValidity: 190 # Current value
    AccessTokenValidity: 1
    IdTokenValidity: 1
    EnableTokenRevocation: true
    PreventUserExistenceErrors: ENABLED
    SupportedIdentityProviders:
      - "COGNITO"
    CallbackURLs:
      - https://.zyx.com
      - https://.xyz.com
    AllowedOAuthFlows:
      - "code"