Dec 5, 2019

Refreshing AWS Access Token with Amplify and Axios

Authentication is one of those foundational pieces of your application that can be complex if your requirements don’t fit some predetermined mold. For that reason, I am aiming to provide you a quick and easy way to refresh an AWS access token via the Amplify and Axios libraries.

This example is just one of many ways to accomplish the given task, but for this use case and time of writing Amplify does not support refreshing the access token automatically when using a custom authentication provider. That means it’s up to the engineer to fit the refresh logic somewhere into their application landscape.

Using axios’s interceptors, you can intercept outgoing requests and introduce functionality prior to the original request going out. Here, we make a call to Amplify’s
Auth module to grab the currentSession. Inside currentSession, Amplify hits its own internal cache and will return the token if it hasn’t expired, otherwise it will
make its own request to AWS and refresh the access code. Now, we are free to utilize the current or refreshed access code and add it to the original outgoing request.

export const axiosRequestInterceptor = async config => {
const session = await Auth.currentSession();
 
const token = delve(session, 'idToken.jwtToken');
  if (token) {
    config.headers.Authorization = token;
  }
  return config;
};
axios.interceptors.request.use(axiosRequestInterceptor, e => Promise.reject(e));

About the Author

Brian Rue profile.

Brian Rue

VP of Consulting

I’m a Software Engineer with 10+ years experience in small and large companies prototyping, designing, building, and maintaining both in-house and customer facing applications.  I pride myself on my strong work ethic and ability to listen first, guide second, and deliver high quality, thoughtful, and lasting software for clients. My foundational development began in Java and has migrated to Javascript where I spend most of my time building Next Generation web applications and services.

Outside of work, I like to get my hands dirty working on vehicles and gardening, building anything my wife tells me to, and being a father to my two boys.

One thought on “Refreshing AWS Access Token with Amplify and Axios

Leave a Reply

Your email address will not be published.

Related Blog Posts
Natively Compiled Java on Google App Engine
Google App Engine is a platform-as-a-service product that is marketed as a way to get your applications into the cloud without necessarily knowing all of the infrastructure bits and pieces to do so. Google App […]
Building Better Data Visualization Experiences: Part 2 of 2
If you don't have a Ph.D. in data science, the raw data might be difficult to comprehend. This is where data visualization comes in.
Unleashing Feature Flags onto Kafka Consumers
Feature flags are a tool to strategically enable or disable functionality at runtime. They are often used to drive different user experiences but can also be useful in real-time data systems. In this post, we’ll […]
A security model for developers
Software security is more important than ever, but developing secure applications is more confusing than ever. TLS, mTLS, RBAC, SAML, OAUTH, OWASP, GDPR, SASL, RSA, JWT, cookie, attack vector, DDoS, firewall, VPN, security groups, exploit, […]