Amazon cognito - user attributes in ID Token

0

Setting user attributes values in cognito user pool, causes those attributes to be present in the IDToken. How can I select which user attributes actually go into the ID Token? Via lambda trigger and no UI or API operation for that definition? Tks, DD

HC
gefragt vor 2 Jahren309 Aufrufe
1 Antwort
1

Hello,

In order to stop an attribute from being present in the ID token, you need to unselect that attribute from the list of readable attributes for the app client.

Please expand the "Attribute permissions and scopes" section in document [1] for reference to attribute read/write settings in an Cognito user pool app client. You need to modify the "Set attribute read and write permissions" settings (if you are using old Cognito console) or the "Edit attribute read and write permissions" settings (if you are using new Cognito console).

After you unselect an attribute from this list, that attribute will no longer be present in the ID token.

I believe the information is helpful to you. In case you have any further queries/concerns then please let me know.

--References--

[1] https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html

AWS
SUPPORT-TECHNIKER
Tarit_G
beantwortet vor 2 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen