'How can I set one hour usage time to AWS Cognito authenticated users of an ECS/EC2 web app?
I'm quite new at AWS and mostly use the console. I would much appreciate who will be able to help me to solve this problem.
I have placed a containerized Streamlit web app in an AWS EC2/ECS instance beyond an ALB and let users access it through Cognito authentication. Everything works fine, users are allowed to the app.
What I would like to do now now, is to give users a limited access time of 60 minutes to the web app so that they are logged out after one hour. If they need to use the app again, then they will be required to login.
To have users log out at the end of one hour, my idea was to set the refresh token expiration at 60 min., the access token and ID token expiration at 5 min. so to ensure the access/ID tokens are good for 60 (65?) min. preventing the backend delivering data from then on.
This was my idea, but it's not working.
In fact, users already logged in, which are using the app, are allowed to use it even after 60 (65) minutes. In other words, I'm not able to log them out after 60 min. as the backend continues delivering them data.
I really don't know what I'm missing.
Here I summarize some of the settings.
As for the ALB listener, I've set the AWSELBAuthSessionCookie timeout to be 60 seconds. I've also included two screenshots of my App Client.
Thank you in advance for your help.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|