AWS cognito documentation change
Summary
Updated link text from 'Verifying a JSON Web Token' to 'Verifying JSON web tokens' for consistency
Security assessment
Change is a minor text adjustment for consistency in terminology, with no security implications or new security content added.
Diff
diff --git a/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-access-token.md b/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-access-token.md index 8ec950c97..8dc61ef33 100644 --- a//cognito/latest/developerguide/amazon-cognito-user-pools-using-the-access-token.md +++ b//cognito/latest/developerguide/amazon-cognito-user-pools-using-the-access-token.md @@ -17 +17 @@ Your user's access token is permission to request more information about your us -The access token is a [JSON Web Token (JWT)](https://www.rfc-editor.org/rfc/rfc7519). The header for the access token has the same structure as the ID token. Amazon Cognito signs access tokens with a different key from the key that signs ID tokens. The value of an access key ID (`kid`) claim won't match the value of the `kid` claim in an ID token from the same user session. In your app code, verify ID tokens and access tokens independently. Don't trust the claims in an access token until you verify the signature. For more information, see [Verifying a JSON Web Token](./amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html). You can set the access token expiration to any value between 5 minutes and 1 day. You can set this value per app client. +The access token is a [JSON Web Token (JWT)](https://www.rfc-editor.org/rfc/rfc7519). The header for the access token has the same structure as the ID token. Amazon Cognito signs access tokens with a different key from the key that signs ID tokens. The value of an access key ID (`kid`) claim won't match the value of the `kid` claim in an ID token from the same user session. In your app code, verify ID tokens and access tokens independently. Don't trust the claims in an access token until you verify the signature. For more information, see [Verifying JSON web tokens](./amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html). You can set the access token expiration to any value between 5 minutes and 1 day. You can set this value per app client. @@ -145 +145 @@ The username of your user in your user pool. -The signature of the access token is calculated based on the header and payload of the JWT token. When used outside of an application in your web APIs, you must always verify this signature before accepting the token. For more information, see [Verifying a JSON Web Token](./amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html). +The signature of the access token is calculated based on the header and payload of the JWT token. When used outside of an application in your web APIs, you must always verify this signature before accepting the token. For more information, see [Verifying JSON web tokens](./amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html).