Open ffxsam opened 1 year ago
Hi @ffxsam thank you for raising this issue. I'm going to mark and track this as a feature request because it's a suggestion to change the current behavior.
Linking to related issue regarding SSR: https://github.com/aws-amplify/amplify-js/issues/7824
@chrisbonifacio Thank you!
@chrisbonifacio @ffxsam I have requested this a couple of years ago and I received an email last in 2023 ( I believe) that Cognito now supports extra security features which allow you to enhance the accesstokens and add extra data. This was in response to my request. You can read about it here https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html and https://aws.amazon.com/about-aws/whats-new/2023/12/amazon-cognito-user-pools-customize-access-tokens/. I havent had time to implement it my self.
@chrisbonifacio @ffxsam I have requested this a couple of years ago and I received an email last in 2023 ( I believe) that Cognito now supports extra security features which allow you to enhance the accesstokens and add extra data. This was in response to my request. You can read about it here
https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html
andhttps://aws.amazon.com/about-aws/whats-new/2023/12/amazon-cognito-user-pools-customize-access-tokens/
. I havent had time to implement it my self.
That's correct! It is an additional cost but it is now possible to customize the access token to include the same custom attributes, or claims, as the id token.
@ffxsam does this feature fit your use case for having the custom attributes in the resolver's identity
when using an access token?
@chrisbonifacio I didn't know it came with an extra cost, I thought expanding the accessTokens was a part of the free package. Are there any plans to make it part of the free setup so that we can pass more data to our backend? I currently have to swap the accessToken for IdToken in my Angular, which works but it is an extra step.
Before opening, please confirm:
JavaScript Framework
Vue
Amplify APIs
GraphQL API
Amplify Categories
auth, api
Environment information
Describe the bug
When a user is logged in and making GraphQL requests, their custom attributes from Cognito don't exist in the
identity
object on the resolver side.Expected behavior
I would expect custom attributes to be in the claims.
Reproduction steps
Set up GraphQL API and make a request (authenticated)
Code Snippet
Workaround:
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response