1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
Hi,
Yes, there is a limit of 50 custom attributes per user pool and cannot be increased.
However, you can store this information on a DynamoDB and add to the identity token on the login workflow through the Amazon Cognito’s Pre token generation Lambda trigger, which is specifically designed to add new claims, update claims, or suppress claims.
This also could help you to solve other Cognito limitations, such as not being able to remove or change attributes to the user pool once it has been created, or or not being able to backup this information, although it requires you to add (and mantain) additional infrastructure services to your solution.
I hope this helps you.
관련 콘텐츠
- AWS 공식업데이트됨 2년 전
Thanks for the response! You mentioned the limit of 50 custom attributes per user pool, which I'm not concerned about. My question was more about the 50 custom scope limit per App Client. After reading up on the Pre token generation Lambda trigger, it seems like I can't update the access token (ID token only) and scopes in the access token. I could potentially add a scope claim to the ID token but typically only the access token is used to authorize against resource servers. Also the Pre Token Lambda won't work for the Client Credentials grant as it doesn't send back an ID token.
Hi,
First of all I want to apologize, since as you say, my answer is incorrect: you asked about scopes limits per app client and I answered you with custom attributes limits per user pool, which is not the same. I'm sorry.
As you say, the access token cannot be updated using the Amazon Cognito’s Pre token generation Lambda trigger, this is just for the ID token, and although it can also be used to authenticate users to your resource servers or server applications, it is not compatible with Client Credentials grant.
Not a problem at all. Thanks for taking the time to read and reply to my question.