Cognito - Can't add cognito:groups for an user

Question

I am currently working on AWS with Cognito for user management,

I would like to be able to import a CSV with my users to add to the project. With the basic information I can successfully add a user.

However I will want to add a user with an associated group (already existing) directly in the CSV and I have this error.

I think the attribute should not be allowed in the header,

Can we add a group to the user when importing the CSV?

If not, what can I do to fix it?

Thank you in advance for your answers.

here's the code of the CSV file i used:

name,given_name,family_name,middle_name,nickname,preferred_username,profile,picture,website,email,email_verified,gender,birthdate,zoneinfo,locale,phone_number,phone_number_verified,address,updated_at,cognito:mfa_enabled,cognito:username,cognito:groups
Test,,TEST,,,,,,,[email protected],false,, 01/01/2000,,,+3360000000,true, 51 rue Térus,,false,test,directeur

Answer 1

First of all there is no such header like cognito:groups for Cognito User import. You can get an dummy file with all supported headers from AWS console (Cognito User Import page, click on Download CSV Header button) or via AWS Cognito API Call. Since I'm using python my call looks like that:

cognito = boto3.client('cognito-idp')
headers = cognito.get_csv_header(UserPoolId=COGNITO_USER_POOL_ID)['CSVHeader']

You cannot add your own headers and supply values for these headers (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool-csv-header.html).

Unfortunately, right now (20211207) there is no way how to force Cognito User Import to create groups and\or put users inside these groups - it just imports users.

As a solution I created a lambda function, that saves not only user list (in a Cognito Import compartible format) but a user-group structure in a CSV file as well (username, group_name headers). Then after user list is imported, I run a small script that opens a second CSV file and adds users to the groups one by one using admin_add_user_to_group method (I higly recommend to catch the following exception cognito_client.exceptions.UserNotFoundException).