AWS Security ChangesHomeSearch

AWS marketplace documentation change

Service: marketplace · 2025-03-10 · Documentation low

File: marketplace/latest/userguide/saas-product-customer-setup.md

Summary

Updated registration token expiration time from approximately 1 hour to 4 hours

Security assessment

Change adjusts token expiration duration but does not address a specific security vulnerability or weakness. No evidence of security incident remediation.

Diff

diff --git a/marketplace/latest/userguide/saas-product-customer-setup.md
index b632495d4..f852d6f2d 100644
--- a/marketplace/latest/userguide/saas-product-customer-setup.md
+++ b/marketplace/latest/userguide/saas-product-customer-setup.md
@@ -62 +62 @@ Do not activate a product subscription unless you receive a `subscribe-success`
-As a seller, it’s your responsibility to trust only customer identifiers that are immediately returned from AWS or those that your system has signed. We recommend that you resolve the registration token immediately because it may expire after approximately 1 hour. After you resolve the registration token, store the customer identifier as a signed attribute on the customer’s browser session until the registration is complete.
+As a seller, it’s your responsibility to trust only customer identifiers that are immediately returned from AWS or those that your system has signed. We recommend that you resolve the registration token immediately because it expires after four hours. After you resolve the registration token, store the customer identifier as a signed attribute on the customer’s browser session until the registration is complete.