Dec 5, 2019

Refreshing AWS Access Token with Amplify and Axios

Authentication is one of those foundational pieces of your application that can be complex if your requirements don’t fit some predetermined mold. For that reason, I am aiming to provide you a quick and easy way to refresh an AWS access token via the Amplify and Axios libraries.

This example is just one of many ways to accomplish the given task, but for this use case and time of writing Amplify does not support refreshing the access token automatically when using a custom authentication provider. That means it’s up to the engineer to fit the refresh logic somewhere into their application landscape.

Using axios’s interceptors, you can intercept outgoing requests and introduce functionality prior to the original request going out. Here, we make a call to Amplify’s
Auth module to grab the currentSession. Inside currentSession, Amplify hits its own internal cache and will return the token if it hasn’t expired, otherwise it will
make its own request to AWS and refresh the access code. Now, we are free to utilize the current or refreshed access code and add it to the original outgoing request.

export const axiosRequestInterceptor = async config => {
const session = await Auth.currentSession();
 
const token = delve(session, 'idToken.jwtToken');
  if (token) {
    config.headers.Authorization = token;
  }
  return config;
};
axios.interceptors.request.use(axiosRequestInterceptor, e => Promise.reject(e));

About the Author

Brian Rue profile.

Brian Rue

Sr. Consultant

Brian is a Software Consultant with 10 years experience in small and large companies prototyping, designing, building, and maintaining both in-house and customer facing applications.  He prides himself on his strong work ethic and ability to listen, guide and build high quality, thoughtful, and lasting software for clients. Brian’s foundational development began in Java and has migrated to Javascript where he spends most of his time building Next Generation web applications.

Outside of work, Brian likes to get his hands dirty working on vehicles, building anything his wife tells him to, and being a father to his two boys.

One thought on “Refreshing AWS Access Token with Amplify and Axios

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Blog Posts
Waypoint and JVM
What are we doing here? We’re going to to run Waypoint to build a Clojure web application, deploy it, and release it on a URL. Along the way, we’re going to see how it interacts […]
Understanding Mutual TLS Options in the Public Cloud
When delivering an API over the public internet via a cloud provider, some organizations and frameworks require mutual TLS verification as a part of the interaction for that API. Mutual TLS can be used to […]
Performance Test Liquibase Update
When doing a liquibase update to a database if you’re having performance issues, it can be hard to find out which updates are causing problems. If you need to measure the time to apply each […]
TICK Stack Monitoring for the Non-Technical
TICK – Telegraf, Influx, Chronograf, and Kapacitor – is a method of monitoring your systems and applications. In this article, I discuss in non-technical terms what the difference is between TICK and Prometheus Grafana A […]