1 Answer
- Newest
- Most votes
- Most comments
1
AFAIK there is no way to map directly external groups from an IdP to cognito:groups
. But you can use a PreTokenGeneration Lambda function to read the custom claim with groups (typically custom:groups
) and convert it into a JWT claim named cognito:groups
.
Take a look to this sample, I hope it can help you: https://github.com/aws-samples/amazon-cognito-example-for-external-idp/tree/master/lambda/pretokengeneration
answered a year ago
Relevant content
- asked a year ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 10 months ago