AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-04-16 · Documentation low

File: cognito/latest/developerguide/cognito-how-to-authenticate.md

Summary

Clarified managed login requirements by specifying 'OIDC authorization server' terminology

Security assessment

Change improves technical accuracy of OIDC server references but does not introduce new security documentation or address vulnerabilities

Diff

diff --git a/cognito/latest/developerguide/cognito-how-to-authenticate.md b/cognito/latest/developerguide/cognito-how-to-authenticate.md
index ef487da05..cda0b8ff6 100644
--- a//cognito/latest/developerguide/cognito-how-to-authenticate.md
+++ b//cognito/latest/developerguide/cognito-how-to-authenticate.md
@@ -36 +36 @@ Applications collect users' JWTs with a web or app redirect location. Applicatio
-Managed login authentication fits the model where applications need an authorization server, but don't need features like custom authentication, identity pools integration, or user attribute self-service. When you want to use some of these advanced options, you can implement them with a user pools component for an SDK. 
+Managed login fits the model where applications require the authentication services of an OIDC authorization server, but don't immediately require features like custom authentication, identity pools integration, or user attribute self-service. When you want to use some of these advanced options, you can implement them with a user pools component for an SDK.