AWS Security ChangesHomeSearch

AWS solutions documentation change

Service: solutions · 2025-03-10 · Documentation low

File: solutions/latest/dea-api/auth-authcode-token.md

Summary

Rewrote authentication token documentation: simplified headers, removed request body details, changed data types/required flags in schemas, and removed codeVerifier documentation

Security assessment

While authentication token handling is security-related, changes appear to be documentation restructuring rather than addressing a specific vulnerability. No explicit security warnings or CVE mentions.

Diff

diff --git a/solutions/latest/dea-api/auth-authcode-token.md
index 247cc0bb4..01c231bb9 100644
--- a/solutions/latest/dea-api/auth-authcode-token.md
+++ b/solutions/latest/dea-api/auth-authcode-token.md
@@ -7,3 +7 @@ URIHTTP methodsSchemasProperties
-# Auth – Token
-
-The authorization code token secures access to DEA by ensuring that only authorized users can access its resources. When a user or application wants to access DEA, they first authenticate themselves by providing their credentials. After successful authentication, the application requests an authorization code token from the API. This token acts as proof that the user has been authenticated and is authorized to access DEA. This token is a string of characters unique to the requester and has a limited lifespan. After the token expires, the user or application must authenticate again to obtain a new token.
+#  Auth authCode Token
@@ -20,0 +19,2 @@ The authorization code token secures access to DEA by ensuring that only authori
+Returns ID Token and sets Oauth Cookie
+
@@ -32 +32 @@ ResponsesStatus code| Response model| Description
-`200`| `getTokenResult`| Id Token and Cognito information for fetching credentials  
+`200`| `getTokenResult`| Successfully revoked token.  
@@ -36,7 +35,0 @@ ResponsesStatus code| Response model| Description
-### Request bodies
-    
-    
-    {
-      "codeVerifier": "string"
-    }
-
@@ -50 +43 @@ ResponsesStatus code| Response model| Description
-      "expiresIn": number
+      "expiresIn": "string"
@@ -55,6 +47,0 @@ ResponsesStatus code| Response model| Description
-### codeVerifier
-
-Property| Type| Required| Description  
----|---|---|---  
-`codeVerifier`| string| False|   
-  
@@ -65,4 +52,4 @@ Property| Type| Required| Description
-`expiresIn`| number| True|   
-`identityPoolId`| string| True|   
-`idToken`| string| True|   
-`userPoolId`| string| True|   
+`expiresIn`| string| False|   
+`identityPoolId`| string| False|   
+`idToken`| string| False|   
+`userPoolId`| string| False|   
@@ -76 +63 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-Auth – Revoke token
+Resources
@@ -78 +65 @@ Auth – Revoke token
-Available endpoints
+Auth LoginUrl