Currently I am working on an application that makes use of AWS Cognito. I am storing a number of custom attributes on each user, and pulling from that information when users sign in or when they update their information. For the most part this works with no problems. However, some of my custom attributes are not being returned by the getUser function. Confused by this, I double checked the users in the aws cognito console and found that all of the attributes were present, despite not being returned. Finally, I triple checked by looking at what was being returned when I listed all the users in the pool and displayed the attribute I was looking for. In that case, the attribute was appearing with no difficulty. This is a very bizarre issue because it is failing silently, only giving me some of the information tied to a user instead of all of it. Even more bizarre is the fact that it is even giving me some of the custom attributes, just not all of them. Does anyone have any idea what the problem could be or what else to test?
For reference, I am accessing this information using a node.js server. I am using this: http://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html to get a specific user using an access token. I am also using this http://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUsers.html for testing purposes to see if the attributes are present at all.
To update a cognito user's attributes use the admin-update-user-attributes command, specifying the user-pool-id , username and user-attributes parameters. Copied!
Short description. You can't change standard user pool attributes after a user pool is created. Instead, create a new user pool with the attributes that you want to require for user registration. Then, migrate existing users to the new user pool by using an AWS Lambda function as a user migration trigger.
Cognito sub attributeWhen creating a user Cognito will assign a generated unique IDs (the sub attribute). This attribute cannot be changed and in case you import users from another pool/backup it will change.
After successful authentication, Amazon Cognito returns user pool tokens to your app. You can use the tokens to grant your users access to your own server-side resources, or to the Amazon API Gateway. Or, you can exchange them for AWS credentials to access other AWS services.
After a substantial amount of digging I have finally discovered the solution. The GetUser API will only return attributes marked as readable (I didn't even know you could edit the read/write permission for attributes).
To access this, go to the page for your user pool, then navigate to:
General settings > App clients > Show Details > Set attribute read and write permissions
.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With