I've got a Cognito User Pool set up that has the preferred_username set up to work correctly as an alias for username. This means that I can have users - local and federated - able to change their "preferred_username" value and it all works correctly, including ensuring that the values are always unique. It also means that I can use admin-get-user by username and it matches across both fields, and all is good. So far - fantastic.
However, it seems that when I have a user authenticate, neither the Access Token nor the ID Token contains the "preferred_username" field. They do contain the "username" but this is the original one and not the new value if it's been changed.
My desire is to have an API home document that, if the API call is authenticated, contains a link to the Users resource for the user. And ideally that link would be by preferred_username if set - the same way that admin-get-user works.
Am I right that the only way to do this is to get the "username" from the access token, and then make a subsequent API call to get the user details in order to determine the "preferred_username" value? Or is there some way to have the Access Token or ID Token contain the "preferred_username" value?
Cheers
AWS OFFICIALUpdated 9 months ago
Hi there,
I've already checked and they don't. They have the
usernamefield, but if there is apreferred_usernameset then this isn't present.What I'm not sure about is if there's some way to configure things so that it is present, or if it's just not an option.
Cheers