AWS cognito documentation change
Summary
Added documentation for client metadata in M2M requests and refresh token rotation
Security assessment
Documents new security features: client metadata for Lambda triggers and refresh token rotation - both security best practices but not fixes for existing vulnerabilities.
Diff
diff --git a/cognito/latest/developerguide/cognito-document-history.md b/cognito/latest/developerguide/cognito-document-history.md index a454bf034..a1a20f2fc 100644 --- a//cognito/latest/developerguide/cognito-document-history.md +++ b//cognito/latest/developerguide/cognito-document-history.md @@ -10,0 +11,2 @@ Change| Description| Date +[Client metadata for M2M requests.](https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html)| You can now pass client metadata in client credentials, or machine-to-machine (M2M), requests. Amazon Cognito passes M2M client metadata to the pre token generation Lambda trigger.| April 29, 2025 +[Refresh token rotation.](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-refresh-token.html#using-the-refresh-token-rotation)| You can now get new refresh tokens and invalidate the originals in refresh-token requests.| April 22, 2025