AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-04-16 · Documentation low

File: cognito/latest/developerguide/amazon-cognito-user-pools-using-the-id-token.md

Summary

Updated link text from 'Verifying a JSON Web Token' to 'Verifying JSON web tokens' for consistency

Security assessment

Change is a minor text adjustment for consistency in terminology, with no security implications or new security content added.

Diff

diff --git a/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-id-token.md b/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-id-token.md
index 4a1017d5c..46926ffcf 100644
--- a//cognito/latest/developerguide/amazon-cognito-user-pools-using-the-id-token.md
+++ b//cognito/latest/developerguide/amazon-cognito-user-pools-using-the-id-token.md
@@ -9 +9 @@ ID Token HeaderID token default payloadID Token Signature
-The ID token is a [JSON Web Token (JWT)](https://tools.ietf.org/html/rfc7519) that contains claims about the identity of the authenticated user, such as `name`, `email`, and `phone_number`. You can use this identity information inside your application. The ID token can also be used to authenticate users to your resource servers or server applications. You can also use an ID token outside of the application with your web API operations. In those cases, you must verify the signature of the ID token before you can trust any claims inside the ID token. See [Verifying a JSON Web Token](./amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html). 
+The ID token is a [JSON Web Token (JWT)](https://tools.ietf.org/html/rfc7519) that contains claims about the identity of the authenticated user, such as `name`, `email`, and `phone_number`. You can use this identity information inside your application. The ID token can also be used to authenticate users to your resource servers or server applications. You can also use an ID token outside of the application with your web API operations. In those cases, you must verify the signature of the ID token before you can trust any claims inside the ID token. See [Verifying JSON web tokens](./amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html). 
@@ -169 +169 @@ User pool custom attributes are always prefixed with `custom:`.
-The signature of the ID token is calculated based on the header and payload of the JWT token. Before you accept the claims in any ID token that your app receives, verify the signature of the token. For more information, see Verifying a JSON Web Token. [Verifying a JSON Web Token](./amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html).
+The signature of the ID token is calculated based on the header and payload of the JWT token. Before you accept the claims in any ID token that your app receives, verify the signature of the token. For more information, see Verifying a JSON Web Token. [Verifying JSON web tokens](./amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html).