Manage user sessions

Amplify Auth provides access to current user sessions and tokens to help you retrieve your user's information to determine if they are signed in with a valid session and control their access to your app.

An intentional decision with Amplify Auth was to avoid any public methods exposing credentials or manipulating them.

With Auth, you simply sign in and it handles everything else needed to keep the credentials up to date and vend them to the other categories.

However, if you need to access them in relation to working with an API outside Amplify or want access to AWS specific identifying information (e.g. IdentityId), you can access these implementation details by casting the result of fetchAuthSession as follows:

Amplify.Auth.fetchAuthSession(
    result -> {
        AWSCognitoAuthSession cognitoAuthSession = (AWSCognitoAuthSession) result;
            switch(cognitoAuthSession.getIdentityIdResult().getType()) {
                case SUCCESS:
                    Log.i("AuthQuickStart", "IdentityId: " + cognitoAuthSession.getIdentityIdResult().getValue());
                    break;
                case FAILURE:
                    Log.i("AuthQuickStart", "IdentityId not present because: " + cognitoAuthSession.getIdentityIdResult().getError().toString());
        error -> Log.e("AuthQuickStart", error.toString())

Amplify.Auth.fetchAuthSession(
        val session = it as AWSCognitoAuthSession
        when (session.identityIdResult.type) {
            AuthSessionResult.Type.SUCCESS ->
                Log.i("AuthQuickStart", "IdentityId = ${session.identityIdResult.value}")
            AuthSessionResult.Type.FAILURE ->
                Log.w("AuthQuickStart", "IdentityId not found", session.identityIdResult.error)
    { Log.e("AuthQuickStart", "Failed to fetch session", it) }

    val session = Amplify.Auth.fetchAuthSession() as AWSCognitoAuthSession
    val id = session.identityIdResult
    if (id.type == AuthSessionResult.Type.SUCCESS) {
        Log.i("AuthQuickStart", "IdentityId: ${id.value}")
    } else if (id.type == AuthSessionResult.Type.FAILURE) {
        Log.i("AuthQuickStart", "IdentityId not present: ${id.error}")
} catch (error: AuthException) {
    Log.e("AuthQuickStart", "Failed to fetch session", error)

RxAmplify.Auth.fetchAuthSession()
    .subscribe(
        result -> {
            AWSCognitoAuthSession cognitoAuthSession = (AWSCognitoAuthSession) result;
            switch (cognitoAuthSession.getIdentityIdResult().getType()) {
                case SUCCESS:
                    Log.i("AuthQuickStart", "IdentityId: " + cognitoAuthSession.getIdentityIdResult().getValue());
                    break;
                case FAILURE:
                    Log.i("AuthQuickStart", "IdentityId not present because: " + cognitoAuthSession.getIdentityIdResult().getError().toString());
        error -> Log.e("AuthQuickStart", error.toString())

Force refreshing session

Through the plugin, you can force refresh the internal session by setting the forceRefresh option when calling the fetchAuthSession API.

AuthFetchSessionOptions options = AuthFetchSessionOptions.builder().forceRefresh(true).build();

val option = AuthFetchSessionOptions.builder().forceRefresh(true).build()

val option = AuthFetchSessionOptions.builder().forceRefresh(true).build()

AuthFetchSessionOptions options = AuthFetchSessionOptions.builder().forceRefresh(true).build();

Sign-out

Manage user attributes