You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
client_id (access token) === aud (id token) === Client Id (Cognito User Pool)
This library validates the access token (client_id) against Cognito user pool, and not the id token (aud).
As per AWS Cognito documentation:
"The audience (aud) claim should match the app client ID created in the Amazon Cognito user pool."
The module doesn't seem to verify the 'aud' claim. Am I missing something or is this a bug?
The text was updated successfully, but these errors were encountered: