AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-03-02 · Documentation low

File: cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.md

Summary

Reworded explanation of refresh tokens functionality, removing 'Remember me' checkbox reference

Security assessment

The change is a clarification of refresh tokens functionality but doesn't introduce or modify any security-related information.

Diff

diff --git a/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.md
index 32bc93002..04b835f3a 100644
--- a/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.md
+++ b/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.md
@@ -525 +525 @@ You can set up users who complete sign-in with a username-password flow to be pr
-When you want to permit users to select a _Remember me_ checkbox, _refresh tokens_ are the tool that your application has to persist a user's session. Applications can present refresh tokens to your user pool and exchange them for new ID and access tokens. With token refresh, you can ensure that a signed-in user is still active, get updated attribute information, and update access-control entitlements without user intervention.
+When you want to keep users signed in without re-entering their credentials, _refresh tokens_ are the tool that your application has to persist a user's session. Applications can present refresh tokens to your user pool and exchange them for new ID and access tokens. With token refresh, you can ensure that a signed-in user is still active, get updated attribute information, and update access-control entitlements without user intervention.