Amazon two days ago introduced a new feature in Amazon Cognito user pools, allowing for the customization access tokens. Detailed documentation on this update can be found in their recent release note: Amazon Cognito user pools now support the ability to customize access tokens.
Despite the update, I'm facing an issue where the customization seems to work only for ID tokens and not for access tokens. To give you a better idea, here's the Lambda function I'm using (V2 event):
const handler = async (event) => {
// V2
event.response = {
claimsAndScopeOverrideDetails: {
accessTokenGeneration: {
claimsToAddOrOverride: {
my_first_attribute: "first_value",
my_second_attribute: "second_value",
}
},
idTokenGeneration: {
claimsToAddOrOverride: {
my_first_attribute: "first_value",
my_second_attribute: "second_value",
}
}
},
};
return event;
};
export { handler };
I've double-checked the AWS CLI (version 1.32.4) to ensure that the correct Lambda version is linked to the user pool:
"LambdaConfig": {
"PreTokenGeneration": "<redacted>",
"PreTokenGenerationConfig": {
"LambdaVersion": "V2_0",
"LambdaArn": "<redacted>"
}
},
Has anyone else experienced this issue or have insights on why the access token customization isn't working as intended? Any advice or suggestions would be greatly appreciated!
AWS 官方已更新 2 年前