AWS cognito medium security documentation change
Summary
Added compatibility note for updated issuer format
Security assessment
Explicitly documents authentication incompatibilities with ALB and API Gateway, preventing potential broken authentication scenarios.
Diff
diff --git a/cognito/latest/developerguide/federation-endpoints.md b/cognito/latest/developerguide/federation-endpoints.md index babd9791d..7366fe193 100644 --- a//cognito/latest/developerguide/federation-endpoints.md +++ b//cognito/latest/developerguide/federation-endpoints.md @@ -65,0 +66,4 @@ Updated issuers take the format `https://issuer-cognito-idp.`us-east-1`.amazonaw +###### Note + +The updated issuer type is not currently compatible with Application Load Balancer authentication with Amazon Cognito ([Authenticate users using an Application Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html)) or Amazon API Gateway Amazon Cognito authorizers ([Control access to REST APIs using Amazon Cognito user pools as authorizer](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html)). +