Hey everyone! I’m trying to figure out how to make my n8n workflow automatically refresh AWS Cognito OAuth tokens. Right now I have to do it by hand every day, which is a pain.
I set up a workflow that’s supposed to ping the AWS Cognito token endpoint, but it’s not working like I hoped. The access token isn’t updating on its own.
Does anyone know a trick to make this happen without me having to manually trigger the workflow? I’m stumped and could really use some advice. Thanks!
hey there! have u tried using the schedule trigger in n8n? its pretty handy for this kinda stuff. just set it to run every day before ur token expires. then use an HTTP Request node to hit the cognito endpoint and grab the new token. store it somewhere safe in n8n and ur good to go! no more manual refreshing 
I’ve dealt with a similar issue before, and I found that using a Cron node in n8n can be really effective for automating token refreshes. Here’s what worked for me:
Set up a Cron node to trigger your workflow at regular intervals, like every 23 hours (to be safe before the token expires). Then, create a HTTP Request node to hit the Cognito token endpoint with your refresh token. Make sure you’re storing the new access token securely, perhaps in n8n’s credentials store.
One gotcha to watch out for: ensure your refresh token itself doesn’t expire. Some Cognito user pools have refresh token expiration enabled. If that’s the case, you might need to implement a more complex solution involving re-authentication.
Also, double-check your Cognito app client settings. Sometimes, the issue is with the configuration there rather than in n8n. Hope this helps point you in the right direction!
Have you considered using AWS Lambda in conjunction with Amazon EventBridge? This setup can automate the token refresh process quite effectively. You’d create a Lambda function to handle the token refresh logic, then use EventBridge to schedule its execution at regular intervals.
The Lambda function would make the necessary API calls to Cognito, retrieve the new access token, and store it securely (e.g., in AWS Secrets Manager). This approach offloads the token refresh task from n8n entirely, allowing your workflows to simply fetch the latest token when needed.
I’ve implemented this solution for several projects, and it’s proven to be reliable and low-maintenance. The key is to set the EventBridge rule to trigger slightly before your token’s expiration time. This ensures you always have a valid token available for your n8n workflows.