- Newest
- Most votes
- Most comments
Is there any update or plan when this feature will be implemented? We really need this feature for an amplify application where we want to make use of the "groupClaim" attribute which we want to generate by ourselves in a pre token lambda function. I cannot really understand why there is this option (groupClaim in graphql auth) when you cannot create another array then cognitogroups with AWS cognito pre token generation lambda.
This bug has been around for almost 5 years now, like JaccoPK said. Is there any update or plan when this feature will be implemented? It's becoming a very big problem with Amplify/Appsync apps and with how their resolvers handle custom claims.
Hi,
Currently only string type is supported for custom claims, you need to represent your list as a string. something like that... "permissions": "[read, write, execute]"
Hey Mahmoud,
Thanks for the quick reply, is there any timeline when this will change? I'm using a service that needs it in this format; I'm unable to set these parameters as a string; it must be a list.
If Cognito cannot accept list parameters (which is part of the JWT spec) then I cannot use Cognito and will have to use something else such as KeyCloak.
Thanks
Thanks!
This is definitely an oversight by the cognito team, we are paying extra for this pre generation token functionality but then are restricted with string types?
auth_time
generated by cognito for instance is a number so there is definitely the possibility to store correct types instead of inferring that data is encoded as a string.
Relevant content
- asked 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
This is a very long standing bug (2018). I would not expect a solution very soon. I saw a workaround that you could work with: Just stringify the array.