AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-04-16 · Documentation low

File: cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-caching-tokens.md

Summary

Adjusted heading level and clarified steps for configuring caching parameters, including explicit 'Required' and 'Caching' settings for 'scope' and 'Authorization' headers

Security assessment

Clarifies secure configuration practices for caching tokens, including proper handling of the Authorization header. While not addressing a specific vulnerability, it improves documentation around security-relevant settings.

Diff

diff --git a/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-caching-tokens.md b/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-caching-tokens.md
index 05761a6b7..d47dba0e4 100644
--- a//cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-caching-tokens.md
+++ b//cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-caching-tokens.md
@@ -50 +50 @@ Caching in API Gateway is subject to additional cost. [See pricing for more deta
-## To set up a caching proxy with API Gateway
+###### To set up a caching proxy with API Gateway
@@ -68 +68 @@ Caching in API Gateway is subject to additional cost. [See pricing for more deta
-      1. Add a query string to **URL query string parameters** and choose **Caching** for the `scope` string.
+      1. Add a query string to **URL query string parameters**. Enter a query string **Name** of `scope` and select **Required** and **Caching**.
@@ -70 +70 @@ Caching in API Gateway is subject to additional cost. [See pricing for more deta
-      2. Add a header to **HTTP request headers** and choose **Caching** for the `Authorization` header.
+      2. Add a header to **HTTP request headers**. Enter a request header **Name** of `Authorization` and select **Required** and **Caching**.