AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-04-16 · Documentation low

File: cognito/latest/developerguide/cognito-user-pools-managed-login.md

Summary

Added RFC reference and endpoint links for authorization server documentation

Security assessment

Enhances documentation of OAuth 2.0 security components by adding technical references, but doesn't introduce new security features

Diff

diff --git a/cognito/latest/developerguide/cognito-user-pools-managed-login.md b/cognito/latest/developerguide/cognito-user-pools-managed-login.md
index 8d5b0b2a1..f864fe275 100644
--- a//cognito/latest/developerguide/cognito-user-pools-managed-login.md
+++ b//cognito/latest/developerguide/cognito-user-pools-managed-login.md
@@ -11 +11 @@ You can choose a web domain to host services for your user pool. An Amazon Cogni
-  * An _authorization server_ that acts as an identity provider (IdP) to applications that work with OAuth 2.0 and OpenID Connect (OIDC). The authorization server routes authentication requests, issues and manages JSON web tokens (JWTs), and delivers user attribute information.
+  * An [authorization server](https://datatracker.ietf.org/doc/html/rfc6749#section-1.1) that acts as an identity provider (IdP) to applications that work with OAuth 2.0 and OpenID Connect (OIDC). The authorization server [routes requests](./authorization-endpoint.html), [issues and manages JSON web tokens (JWTs)](./token-endpoint.html), and [delivers user attribute information](./userinfo-endpoint.html).