AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-05-01 · Documentation medium

File: cognito/latest/developerguide/cognito-document-history.md

Summary

Added documentation for client metadata in M2M requests and refresh token rotation

Security assessment

Documents new security features: client metadata for Lambda triggers and refresh token rotation - both security best practices but not fixes for existing vulnerabilities.

Diff

diff --git a/cognito/latest/developerguide/cognito-document-history.md b/cognito/latest/developerguide/cognito-document-history.md
index a454bf034..a1a20f2fc 100644
--- a//cognito/latest/developerguide/cognito-document-history.md
+++ b//cognito/latest/developerguide/cognito-document-history.md
@@ -10,0 +11,2 @@ Change| Description| Date
+[Client metadata for M2M requests.](https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html)| You can now pass client metadata in client credentials, or machine-to-machine (M2M), requests. Amazon Cognito passes M2M client metadata to the pre token generation Lambda trigger.| April 29, 2025  
+[Refresh token rotation.](https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-refresh-token.html#using-the-refresh-token-rotation)| You can now get new refresh tokens and invalidate the originals in refresh-token requests.| April 22, 2025