1 Answer
- Newest
- Most votes
- Most comments
1
As of today you can't add custom attributes to Cognito access token. You probably could achieve mapping AD groups to Cognito groups but I wouldn't recommend that, management would probably be unnecessarily complex and potentially error prone. Another way would be to see if customer could use id_token instead. You can map AD attributes to Cognito ones and those are included in id_token.
answered 4 years ago
Relevant content
- asked a year ago
- asked 2 months ago
- asked 2 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago
This agrees with the article by Yan Cui. https://theburningmonk.com/2024/09/is-it-safe-to-use-id-tokens-with-cognito-authorizers/