aws-amplify Authentication...how to access tokens on successful Auth.signIn?

Question

I'm trying to figure out how to access the accessToken, refreshToken, and idToken that I receive back from aws-amplify using the Auth library.

example in docs: https://aws.github.io/aws-amplify/media/authentication_guide.html

example of my usage:

const user = await Auth.signIn(email, password);

user has a bunch of properties that are inaccessible including everything I need. In the docs, it's unclear how to get to these properties because the examples all log the result. Any ideas?

I posted this question in the aws-amplify repo and a collaborator replied: Auth.currentSession().accessToken.jwtToken — spencewine, Feb 15 '18 at 17:11

score 55 · Answer 1 · edited Dec 05 '22 at 09:03

55

Auth.currentSession().then(res=>{
  let accessToken = res.getAccessToken()
  let jwt = accessToken.getJwtToken()
      
  //You can print them to see the full objects
  console.log(`myAccessToken: ${JSON.stringify(accessToken)}`)
  console.log(`myJwt: ${jwt}`)
})

edited Dec 05 '22 at 09:03

André Kuhlmann

4,378
3
23
42

answered May 19 '19 at 07:10

Omar

1,005
11
11

1

This worked for me! You can also add ```console.log(`sub: ${JSON.stringify(accessToken.payload.sub)}`)``` if you are using Amplify and AWS and want the sub (ID). – Evan Erickson May 19 '21 at 17:07
Shouldn't there be an AWAIT in front? – Michael Michael Michael Sep 07 '21 at 01:58

xrpza · Answer 2 · 2019-11-19T19:52:32.177

Auth.currentSession() will return a CognitoUserSession containing accessToken, idToken, and refreshToken.

The CognitoUserSession is actually the following: CognitoUserSession {idToken: CognitoIdToken, refreshToken: CognitoRefreshToken, accessToken: CognitoAccessToken, clockDrift: 0}

Accessing pairs within that object can be achieved through straightforward dot notation at this point.

Example: Retrieve the accessToken and log to console

Auth.currentSession().then(data => console.log(data.accessToken));

The result will be a CognitoAccessToken in the form CognitoAccessToken { jwtToken: '', payload: ''}

If you just want the jwtToken within the CognitoAccessToken, it's just dot notation all the way down (with log to console example):

Auth.currentSession().then(data => console.log(data.accessToken.jwtToken));

Note: This method also refreshes the current session if needed (reference).

`This method also refreshes the current session if needed` Thanks for that — sj_959, Aug 29 '21 at 14:50
But in my case it's not refreshing the accessToken with new one if current is expired. — Harsh Mishra, Dec 10 '22 at 06:41

score 4 · Answer 3 · answered Feb 14 '18 at 21:27

4

I believe you can do

Auth.currentCredentials(credentials => {
  const tokens = Auth.essentialCredentials(credentials);
})

where essentialCredentials will return all of the tokens

Hope this helps.

answered Feb 14 '18 at 21:27

iurii

4,142
2
23
28

score 4 · Answer 4 · answered Aug 08 '20 at 15:26

4

Angular 9, getting JWT token from current session :

import Auth from '@aws-amplify/auth';

Auth.currentSession().then(data => console.log("JWT", data.getAccessToken().getJwtToken()));

answered Aug 08 '20 at 15:26

Vladyslav Didenko

1,352
1
14
19

score 1 · Answer 5 · answered Dec 29 '20 at 22:31

For those in search of the AWSCredentials:

const checkCognitoUserSession = async () => {
  const getAwsCredentials = await Auth.currentCredentials();
  const awsCredentials = await Auth.essentialCredentials(getAwsCredentials);

  // accessKeyId, secretAccessKey, sessionToken post login
  return { awsCredentials };
};

score 1 · Answer 6 · answered Dec 14 '22 at 07:02

Retrieve current session using aws-amplify

Auth.currentSession() returns a CognitoUserSession object which contains JWT accessToken, idToken, and refreshToken.

Auth.currentSession()
.then((data) => console.log(data))
.catch((err) => console.log(err));

aws-amplify Docs currentSession

aws-amplify Authentication...how to access tokens on successful Auth.signIn?

6 Answers6