AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2025-08-22 · Documentation medium

File: cli/latest/reference/cognito-idp/get-tokens-from-refresh-token.md

Summary

Added documentation about refresh token grace period during rotation

Security assessment

Clarifies token rotation behavior which is a security feature, but does not indicate a vulnerability fix. The grace period documentation helps users understand token lifecycle security implications.

Diff

diff --git a/cli/latest/reference/cognito-idp/get-tokens-from-refresh-token.md b/cli/latest/reference/cognito-idp/get-tokens-from-refresh-token.md
index 42cb3a426..a61331d7f 100644
--- a//cli/latest/reference/cognito-idp/get-tokens-from-refresh-token.md
+++ b//cli/latest/reference/cognito-idp/get-tokens-from-refresh-token.md
@@ -15 +15 @@
-  * [AWS CLI 2.28.12 Command Reference](../../index.html) »
+  * [AWS CLI 2.28.15 Command Reference](../../index.html) »
@@ -98 +98 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/cognit
-> A valid refresh token that can authorize the request for new tokens. When refresh token rotation is active in the requested app client, this token is invalidated after the request is complete.
+> A valid refresh token that can authorize the request for new tokens. When refresh token rotation is active in the requested app client, this token is invalidated after the request is complete and after an optional grace period.
@@ -294 +294 @@ AuthenticationResult -> (structure)
-  * [AWS CLI 2.28.12 Command Reference](../../index.html) »
+  * [AWS CLI 2.28.15 Command Reference](../../index.html) »