Our Blog

Amazon Cognito now supports resource indicators to simplify enhancing protection of OAuth 2.0 resources

Published
October 27, 2025
https://aws.amazon.com/about-aws/whats-new/2025/10/amazon-cognito-resource-indicators-protection-oauth-2-0-resources

Amazon Cognito Resource Indicators

Amazon Cognito now allows app clients to specify resource indicators during access token requests in OAuth 2.0 authorization code grant and implicit grant flows. This feature identifies the protected resource, such as a user’s bank account record or a specific file in a file server, ensuring access tokens are limited to specific resources.

This simplifies protecting resources that users need to access. For example, agents can request access tokens for specific protected resources like a user’s banking records. After validation, Cognito issues an access token with the audience claim set to the specific resource.

What to do

  • Use the new resource parameter to specify target resources in a standards-based way.
  • Refer to the developer guide for more information.
  • Check pricing for Cognito Essentials and Plus tier.

Source: AWS release notes




If you need further guidance on AWS, our experts are available at AWS@westloop.io. You may also reach us by submitting the Contact Us form.

Follow our blog

Get the latest insights and advice on AWS services from our experts.

By clicking Sign Up you're confirming that you agree with our Terms and Conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related posts

Check out other insights from the team at West Loop Strategy.

View all
https://aws.amazon.com/about-aws/whats-new/2025/10/amazon-documentdb-graviton4-based-r8g-database-instances/

Amazon DocumentDB (with MongoDB compatibility) now supports Graviton4-based R8g database instances

AWS Graviton4-based R8g database instances are now generally available for Amazon DocumentDB (with MongoDB compatibility)
Read more
https://aws.amazon.com/about-aws/whats-new/2025/10/amazon-dvc-releases-version-2025-0

Amazon DCV releases version 2025.0 with enhanced keyboard handling and WebAuthn support

AWS announces Amazon DCV 2025
Read more
https://aws.amazon.com/about-aws/whats-new/2025/10/amazon-connect-customer-input-outbound-calls

Amazon Connect makes it easier to get customer input on outbound calls

Amazon Connect, the cloud-based contact center service from AWS, now supports Get Customer Input and Store Customer Input flow blocks for outbound voice whisper flows
Read more
View all