How to get access_token from 3rd party IdP with cognito?

I have setup a signup / login flow with cognito, using azure AD as a 3rd party IdP which is working as expected.

My app will be interacting with the Microsoft graph api and therefore needs the access_token from AAD.

I saw you can setup custom attribute mapping to store fields like this on the cognito user object, but the access token exceeds the 2048 char limit, so that doesn't work.

Can I use pre token generation lambda trigger to access this token and store it in DDB?

If not, what would be the next best course of action be please?

Topics

Serverless Compute Security, Identity, & Compliance

Relevant content

New 3rd Party SDK integration - CPPREST
Accepted Answer
rePost-User-2905517
asked 5 years ago
Wrong id token when logging in user with 3rd party SAML integrated with Cognito linked with AdminLinkProviderForUser
rePost-User-1422752
asked 2 years ago
Cognito: How to retrieve federated identity token from 3rd party idp
Accepted Answer
mypreptime-admin
asked 2 years ago
Cognito and External IdPs
kf4ape
asked 9 months ago
How do I set up Auth0 as a SAML identity provider with an Amazon Cognito user pool?
AWS OFFICIALUpdated 2 years ago
How do I set up AD FS as a SAML identity provider with an Amazon Cognito user pool?
AWS OFFICIALUpdated 3 years ago
How do I set up OneLogin as a SAML identity provider with an Amazon Cognito user pool?
AWS OFFICIALUpdated 8 months ago
How do I set up a third-party SAML identity provider with an Amazon Cognito user pool?
AWS OFFICIALUpdated 5 months ago
How to Rotate your External IdP Certificates in AWS IAM Identity Center (successor to AWS Single Sign-On) with Zero Downtime
EXPERT
Matt-B
published a year ago
Amazon GameLift launches support for third-party Infrastructure as Code tools like Terraform and Pulumi
EXPERT
Sachin
published 5 months ago