AWS Cognito: Add custom claim/attribute to JWT access token


Solution 1

Custom attributes are not available in the Cognito access token. Currently, it is also not possible to inject additional claims into the access token using the Pre Token Generation Lambda trigger. The Pre Token Generation Lambda trigger allows you to customize identity token (ID token) claims only.
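As an added example (not part of the original answers): a Pre Token Generation trigger of the kind this answer mentions, using the V1 event shape, that copies the custom:userType attribute into an ID token claim only when its value is on an allowlist. The allowlist values, the claim name userType, and the sample event are assumptions made for illustration.

```javascript
// Added example, not the answerer's code.
// ALLOWED_USER_TYPES and its values are hypothetical; use your application's own set.
const ALLOWED_USER_TYPES = new Set(['admin', 'member', 'guest']);

// Constructed sample event in the Pre Token Generation (V1) shape.
const SAMPLE_EVENT = {
  version: '1',
  triggerSource: 'TokenGeneration_Authentication',
  userName: 'example-user', // placeholder
  request: { userAttributes: { email: 'user@example.com', 'custom:userType': 'member' } },
  response: {},
};

// Pure function so the claim logic can be tested without the Lambda runtime.
function applyUserTypeClaim(event) {
  const attrs = (event.request && event.request.userAttributes) || {};
  const userType = attrs['custom:userType'];
  event.response = event.response || {};

  if (typeof userType === 'string' && ALLOWED_USER_TYPES.has(userType)) {
    // Known value: expose it as a plain "userType" claim in the ID token.
    event.response.claimsOverrideDetails = {
      claimsToAddOrOverride: { userType },
    };
  } else {
    // Missing or unexpected value: add nothing and keep the raw attribute
    // out of the ID token so consumers never act on an unvalidated type.
    event.response.claimsOverrideDetails = {
      claimsToSuppress: ['custom:userType'],
    };
  }
  return event;
}

// Lambda entry point: Cognito expects the (modified) event to be returned.
const handler = async (event) => applyUserTypeClaim(event);

if (typeof module !== 'undefined') {
  module.exports = { handler, applyUserTypeClaim };
}
```

Services that receive the ID token still need to verify its signature and check that its token_use claim is "id" before relying on userType.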

Solution 2

You can use the ID token to get a token with custom attributes.

Access tokens are not intended to carry information about the user. They simply allow access to certain defined server resources.

You can pass an ID Token around different components of your client, and these components can use the ID Token to confirm that the user is authenticated and also to retrieve information about them.

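How to retrieve the ID token using amazon-cognito-identity-js:

// cognitoUser and authenticationDetails are the CognitoUser and
// AuthenticationDetails objects created earlier with amazon-cognito-identity-js.
cognitoUser.authenticateUser(authenticationDetails, {
  onSuccess: function(result) {
    // getIdToken() returns the ID token (which carries the custom attributes),
    // not the access token.
    var idToken = result.getIdToken().getJwtToken();
    console.log('idToken is: ' + idToken);
  },
  onFailure: function(err) {
    alert(err.message || JSON.stringify(err));
  },
});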
Author by

Hiren Makwana


Updated on July 02, 2022

Comments

  • Hiren Makwana almost 2 years

    My app creates a custom attribute "userType" for each new signed-up user. Now I would like this "userType" claim/attribute to be added to the JWT access token whenever the user signs in or the token gets refreshed.

    Is there an option to tell Cognito to add my custom claim/attribute to the JWT access token? (Without a pre token generation Lambda)