I think that the video is wrong and I’m looking for confirmation. The presenter says that you select "Application code Grant" and also "Implicit Grant", stating that "Implicit Grant gives you the JWT token". My understanding is that both grants are part of OAuth and so don’t provide a JWT token but that using the scope "openid" is what provides the JWT, in the id-token field of the response.
I thought that Implicit is basically the same as Application Code but was created for use by mobile apps that had nowhere safe to store their secret and that this has been fixed now using the PKCE extension but it has nothing to do with the JWT.
Can anyone out there confirm?
Actually, if I’d waited a second, I’d have seen what looks like confirmation that it is a tiny error in the documents: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html