AWS solutions documentation change
Summary
Updated title formatting, changed 'expiresIn' type from number to string, made schema properties optional, and added endpoint description
Security assessment
Changes focus on documentation formatting and schema corrections. While refresh tokens are security-related, there's no evidence these changes address a specific vulnerability.
Diff
diff --git a/solutions/latest/dea-api/auth-refreshtoken.md index 7950e73f0..f73fa5344 100644 --- a/solutions/latest/dea-api/auth-refreshtoken.md +++ b/solutions/latest/dea-api/auth-refreshtoken.md @@ -7,3 +7 @@ URIHTTP methodsSchemasProperties -# Auth – Refresh token - -Refresh tokens improve user experience by allowing the user to stay logged in for longer periods without having to frequently re-authenticate. It also enhances security by minimizing exposure of the user's credentials. When a user logs in, they receive both an access token and a refresh token. The refresh token obtains a new access token from the refresh endpoint when the current access token expires. If the refresh token is valid, the refresh endpoint returns a new access token. +# Auth RefreshToken @@ -20,0 +19,2 @@ Refresh tokens improve user experience by allowing the user to stay logged in fo +Fetches new ID Token to refresh credentials using Refresh Token + @@ -23 +23 @@ ResponsesStatus code| Response model| Description -`200`| `getTokenResult`| Id Token and Cognito information for fetching credentials +`200`| `getTokenResult`| Successfully returns Id token and Cognito information for fetching credentials. @@ -34 +34 @@ ResponsesStatus code| Response model| Description - "expiresIn": number + "expiresIn": "string" @@ -43,4 +43,4 @@ Property| Type| Required| Description -`expiresIn`| number| True| -`identityPoolId`| string| True| -`idToken`| string| True| -`userPoolId`| string| True| +`expiresIn`| string| False| +`identityPoolId`| string| False| +`idToken`| string| False| +`userPoolId`| string| False| @@ -54 +54 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Auth – Logout URL +Auth LogoutUrl @@ -56 +56 @@ Auth – Logout URL -Auth – Revoke token +Auth RevokeToken