Amazon cognito - user attributes in ID Token

0

Setting user attributes values in cognito user pool, causes those attributes to be present in the IDToken. How can I select which user attributes actually go into the ID Token? Via lambda trigger and no UI or API operation for that definition? Tks, DD

HC
asked 21 days ago23 views
1 Answer
0

Hello,

In order to stop an attribute from being present in the ID token, you need to unselect that attribute from the list of readable attributes for the app client.

Please expand the "Attribute permissions and scopes" section in document [1] for reference to attribute read/write settings in an Cognito user pool app client. You need to modify the "Set attribute read and write permissions" settings (if you are using old Cognito console) or the "Edit attribute read and write permissions" settings (if you are using new Cognito console).

After you unselect an attribute from this list, that attribute will no longer be present in the ID token.

I believe the information is helpful to you. In case you have any further queries/concerns then please let me know.

--References--

[1] https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html

SUPPORT ENGINEER
Tarit_G
answered 20 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions