Closed jonasao closed 6 years ago
drcoll
commented
6 years ago I'd like to see some added documentation on handling refresh tokens. I understand the authorization grant flow needs to be used, but still scratching my head on the rest. What endpoint does one hit after they've gotten a refresh token back using code?
rcfrias
commented
6 years ago @jonasao I totally agree. I also spent some time figuring out things that weren't explained in the docs. IMHO AWS documentation has been the weakest thing of everything they have to offer. Unfortunately this hasn't changed in a while, so I am not sure if a complaint really matters. I hope you find the right tweaks for your project, as I did with mine. Btw. I will add "outdated" and "misleading" content to the list! ^^
yuntuowang
commented
6 years ago Based on @jonasao comments, I merged the improvement of README.md file. Based on @drcoll comments, what endpoint does one hit after they've gotten a refresh token back using code grant flow? When using Authorization code grant, if you have the refresh token and it is also not expired, the SDK will refresh session and give you tokens(In CognitoAuth.js file, refreshSession() does this).
Also, please see this link for more info, http://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html
Being used to working with APIs from a competitor I must say that Amazon has a long way to go when it comes to documenting their APIs and services.
After reading AWS Cognito API documentation for the last 4 weeks, scratching my head, I stumbled upon this project which seemed like a step in the right direction. How about making this project a "guiding star" when it comes to how its features are documented?
You could start by documenting how to get this project up and running by specifying every little detail from A-Z, incl. configuration of AWS Cognito, the user pool, federated identity pool etc.