1 Answer
- Newest
- Most votes
- Most comments
0
You can accomplish custom authorization in your downstream apps by using the Cognito User Pool Groups. You can place your users into groups on the Cognito side. The JWT ID Token will contain the role values associated with the user in the cognito:roles claim. You will then grant the appropriate authorization level based on the role that the user is assigned.
Here's more info: http://docs.aws.amazon.com/cognito/latest/developerguide/role-based-access-control.html
answered 7 years ago
Relevant content
- Accepted Answerasked 3 months ago
- Accepted Answerasked a year ago
- asked 4 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 9 months ago