๐Ÿ˜ŽRefresh JWT

Your access token has a validity of 30 minutes, after which it will expire. To obtain a new access token, you must refresh it using the refresh token. It is the responsibility of you to ensure that the access token is refreshed before it expires.

Request

  • GraphAPI

mutation refresh {
  refresh(input: {refreshToken: "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.JZZLMti_1TUtMjoDKERID_-oGvcEJgMy5TV_3F-eP0RFRdo7PPYFo56xpViEd80zWkf_Z9W8Qdc_sDzotLu921th6KVeAbWbz8AzqlQplYhKoIt5n9xgkMfSS2Q9v9fVwjfqx-x66GufoHvGwuEfN-0kXKT5pHhP_4C69iVg4wtTqMUwbC4VOcGbNwblxV5Dp088x85LtXaBk0dnN4lNozYdGY-nClNGRDQi3DrMFpl-d6L2NuyQLyY5U9PypWMa1oUn3cfv3HSOw62fmXvxKH6Ig9xD82OKFiSd-pV9hCnOguX_wSCiV3Crg8TlVAcIfCzBH2e2LKT0QPc7qosR2g.y9AnhAXtaZKmRmfp.kAeEUClVg5CYJjb-Uh_ytZeAkMGv6G0K_yQ0ZL51Mefg2DNbKWZrndE0o9gzsanlJ0cjXXknmRiIimpTViHLBKkI1euDUOQBfT3LquqgWSCXwj3OQS8klOTQEeWiPGcv_DiA6rvmrwMK5CIQljpS_uOH-YNV_AUMo8lO8zp2NDoWq2nDgTEKrT_7HhOM91D-DdvEtSC1mdcX3bt8GeeTjj4os9fSvPUykT8G1r-v1KRLQBfI_cCzWTZCQnbZJB1UO9v6e0HUZbW5l3p0gJ9EssvAKK2IZji7X9VfZxH4uYFs7pB8otjaPeMZvNur-rWQ4QZ9OaLqs1DgewnGl8gWcKQzV8uh-KoC7VGtCeAzqiO2Nz-pTaOjiG-sWqyCFv1OXyAjTZfKaYXW2QeXZkb22i4xFUfgqGyTp12AXxb1KlCo67JW29zYf53I04TYZMVO5UWztqzTjtCC3JQ8M04s0XZP_rCNiL-Zrw-IYUe7IMzVDIr22B9VKDtwZNqjsaSSihzAWg9urkUmKGK9udsSL8P82hR2dIMgi_hvD4WJf-eKPHPmwjFzRal71f9267sZFSKwumGO-vv6YonAngkA24vnMXyOdAFOI8TB_jz4n5b4kdO-nNcD5v3KZvernuFLldfsCyowwlpZK1inHJ5kqFatoR9iONK5tPKqNOIjm8riTDdv6WTCG3swcqn_nxggTm8MrQkn-Xt7E-L4Q8UbSYrZ6wfmP83MPapMCal5wKEepZKMo-Qf2wpr8gVuH0riEZEZ8A1sJogLKXgxgTnejeLiCwMDmx0F2g7K67lrh1Jm7YUC0d4NAMl8PVX711hz7E4oNd5qu5KVKi0EiUw_8XLxW0ZAb_m_iHsfiAjpjtuLsGAqCAUuwJmuJ4Nd9-CTICd44AnHycE_TLetUEOn_1U8DBSXdCKUQ4P3AEzxsVCp9QnJUuH7Hf-SVlGiGNwhkToMZ9DZNlyBg7S0N0z6H-EBNQBtNX34te44u749IyPdjRJIZq46Ah-XFTaMza_HdrFSXSN0jVM9y4Jlk0GSDL2klUrVOW9cJnGP7Hv2J68Jet_0-dYM3kwI74c9WS3wLm6Cfp9fi-fOVXo3fBKiyCMZAj7bxi7LAn_HV9hylS4VBdWey37kxUnlO52DkdgEbkmmG_Aa5YVCDxqIpRbnaPwdeIpFxFgNbC-OqWkfc_KxBA8LASwkg4X7G3mTi7OqyKPO481X5U01Ehh3BvlIRcKAalpD9oH2Q_zHcnAGLSlbMuSDkgXkdO4Q0S8k1bp58zJE3Hj7MIX7cupjXQ.1ZEzizB6p5ZBfNEmCzx3CA"}) {
    data {
      accessToken
    }
  }
}

Typescript

import * as AmazonCognitoIdentity from 'amazon-cognito-identity-js';
import * as dotenv from 'dotenv';

console.error('*** start ***');

dotenv.config();
const user_pool_id = process.env.USER_POOL_ID!;
const user_pool_client_id = process.env.USER_POOL_CLIENT_ID!;
const usr = process.env.USER_NAME!;
const refresh_token = process.env.REFRESH_TOKEN!;

const poolData: AmazonCognitoIdentity.ICognitoUserPoolData = {
  UserPoolId: user_pool_id,
  ClientId: user_pool_client_id,
};

const userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);

const userData: AmazonCognitoIdentity.ICognitoUserData = {
  Username: usr,
  Pool: userPool,
};
const cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);

function refreshAccessToken(
  refreshToken: string,
  cognitoUser: AmazonCognitoIdentity.CognitoUser
): Promise<string> {
  const refreshTokenObj = new AmazonCognitoIdentity.CognitoRefreshToken({
    RefreshToken: refreshToken,
  });
  return new Promise((resolve, reject) => {
    cognitoUser.refreshSession(refreshTokenObj, (err, session) => {
      if (err) {
        reject(err);
      } else {
        resolve(session.getAccessToken().getJwtToken());
      }
    });
  });
}

refreshAccessToken(refresh_token, cognitoUser)
  .then((accessToken: string) => {
    console.log('Access token');
    console.log(accessToken);
  })
  .catch((err) => {
    console.error('*** error ***');
    console.error('error ' + err);
  });

console.error('*** end ***');

Last updated