Dec 5, 2019

Refreshing AWS Access Token with Amplify and Axios

Authentication is one of those foundational pieces of your application that can be complex if your requirements don’t fit some predetermined mold. For that reason, I am aiming to provide you a quick and easy way to refresh an AWS access token via the Amplify and Axios libraries.

This example is just one of many ways to accomplish the given task, but for this use case and time of writing Amplify does not support refreshing the access token automatically when using a custom authentication provider. That means it’s up to the engineer to fit the refresh logic somewhere into their application landscape.

Using axios’s interceptors, you can intercept outgoing requests and introduce functionality prior to the original request going out. Here, we make a call to Amplify’s
Auth module to grab the currentSession. Inside currentSession, Amplify hits its own internal cache and will return the token if it hasn’t expired, otherwise it will
make its own request to AWS and refresh the access code. Now, we are free to utilize the current or refreshed access code and add it to the original outgoing request.

export const axiosRequestInterceptor = async config => {
const session = await Auth.currentSession();
 
const token = delve(session, 'idToken.jwtToken');
  if (token) {
    config.headers.Authorization = token;
  }
  return config;
};
axios.interceptors.request.use(axiosRequestInterceptor, e => Promise.reject(e));

About the Author

Brian Rue profile.

Brian Rue

Sr. Consultant

Brian is a Software Consultant with 10 years experience in small and large companies prototyping, designing, building, and maintaining both in-house and customer facing applications.  He prides himself on his strong work ethic and ability to listen, guide and build high quality, thoughtful, and lasting software for clients. Brian’s foundational development began in Java and has migrated to Javascript where he spends most of his time building Next Generation web applications.

Outside of work, Brian likes to get his hands dirty working on vehicles, building anything his wife tells him to, and being a father to his two boys.

One thought on “Refreshing AWS Access Token with Amplify and Axios

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Blog Posts
AWS Cloud HSM, Docker and NGINX
There is quite a bit of easily searchable content on the security benefits of leveraging a Hardware Security Module to manage cryptographic keys, so I will leave that to the scope of another article. The […]
Google Professional Machine Learning Engineer Exam 2021
Exam Description A Professional Machine Learning Engineer designs, builds, and productionizes ML models to solve business challenges using Google Cloud technologies and knowledge of proven ML models and techniques. The ML Engineer is proficient in all aspects […]
Designing Kubernetes Controllers
There has been some excellent online discussion lately around Kubernetes controllers, highlighted by an excellent Speakerdeck presentation assembled by Tim Hockin. What I’d like to do in this post is explore some of the implications […]
React Server Components
The React Team recently announced new work they are doing on React Server Components, a new way of rendering React components. The goal is to create smaller bundle sizes, speed up render time, and prevent […]