Ability to set custom attributes for auth #196
Comments
|
Also when doing an amplify push, where auth is updating, I notice that if cloudformation detects a new physical resource needs to be created it will actually delete your whole cognito userpool without notice and create a new one. This is horrible and can make someone accidentally delete all their app users. See https://forums.aws.amazon.com/thread.jspa?messageID=793367 for more info. Amplify should warn before cloudformation tries to delete your whole userpool... |
|
We confirmed this behavior with ththe cognito service team last week. This behavior is detected when changing certain cognito policy attributes like the password policy and we have a PR out for same to not allow updating those scheme atteibutes using the CLI - |
|
We’ve also engaged with the Cognito service team to not allow the deletion of the user pool when users are present in the user pool. They’re working on changing this behavior as well. |
|
Perfect, thank you! |
Can you share how you do this? I also need the functionality. |
|
@ianpogi5 just go to backend/auth/<your_cognito_project_name>/ and modify the yml and json accordingly. Add your attributes to 'userpoolClientWriteAttributes' in parameters.json and go from there. |
|
This issue seems to be fixed. Feel free to re-open this issue if the problem still exists. |
|
Hi @kaustavghosh06 can we re-open this or should I open a separate ticket? I edited the cloudformation and parameters files in the
commit a06946c59ce8ef6797795ca6b672a9ffdd9a0885 (HEAD -> dev)
Author: Peter Example <peter@example.com>
Date: Tue Jan 8 14:04:07 2019 -0500
test adding identity_id as custom attribute
diff --git a/amplify/backend/auth/myappauth/myappauth-cloudformation-template.yml b/amplify/backend/auth/myappauth/myappauth-cloudformation-template.yml
index 655c34a..7c08306 100644
--- a/amplify/backend/auth/myappauth/myappauth-cloudformation-template.yml
+++ b/amplify/backend/auth/myappauth/myappauth-cloudformation-template.yml
@@ -189,6 +189,10 @@ Resources:
Name: email
Required: true
Mutable: true
+ -
+ Name: identity_id
+ Mutable: true
+ AttributeDataType: String
# make email unique!
UsernameAttributes: ['email']
diff --git a/amplify/backend/auth/myappauth/parameters.json b/amplify/backend/auth/myappauth/parameters.json
index 8a22aef..88e266b 100644
--- a/amplify/backend/auth/myappauth/parameters.json
+++ b/amplify/backend/auth/myappauth/parameters.json
@@ -37,7 +37,8 @@
"userpoolClientReadAttributes": [
"email",
"given_name",
- "name"
+ "name",
+ "custom:identity_id"
],
"mfaLambdaRole": "myappauth_totp_lambda_role",
"mfaLambdaLogPolicy": "myappauth_totp_lambda_log_policy",
@@ -57,7 +58,8 @@
"userpoolClientWriteAttributes": [
"given_name",
"name",
- "email"
+ "email",
+ "custom:identity_id"
],
"facebookAppId": "1234567890101234",
"googleClientId": "123456789012-ieo82pceb6b6uvdphutkabcdefghijkl.apps.googleusercontent.com", |
|
@mrcoles Could you mention your Cloudformation |
|
StackID:
Additionally, ever since this, Amplify seems to always think one of my lambda functions always needs updating. An extra complication: when I first ran |
|
@mrcoles Thanks for the information. Working with the Cognito service team on this issue. I'll keep you updated on this. |
|
I don't know if this is a separate issue, but even when I edit my auth`s parameters.yml before pushing for the first time the configuration does not seem to be applied. node v8.15.0 I tried changing the password policy to only require lowercase characters and on singup I will still be prompted to put in uppercase, numbers and special characters. Should I open a separate issue for this? |
|
@janrop Yes, please open a seperate issue for your issue. It seems like a different issue. |
kaustavghosh06
added
auth
|
Hey guys, with our new version of the CLI (>1.4.0), we've introduced the ability for users to select how they want users (including an option for email uniqueness) to sign in and select their sign up attributes upfront as a part of the default flow instead of setting the username attribute as a default in the default flow (which is immutable unfortunately after the creation of the userpool since that is a restriction from the Cognito service). Please feel free to check it out and re-open/comment on this issue if you see a problem with it. |
|
Maybe an example of the updated cloud formation file with custom attributes added would help? Thanks. |
|
I can't add custom attributes to the user pool i only get a list of predefined ones. And even still none of them work with federated sign in. It seems that the attribute selection is only for Required ones. I still have no idea how to proceed here. |
|
@pr1ntr Check https://github.com/aws-amplify/amplify-cli/pull/1289/files the cf-templates/auth/README.md file. I've added an example of what works for me. Hope that helps. Regards. |
|
Excellent, thank you! |
|
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs. Looking for a help forum? We recommend joining the Amplify Community Discord server |
Describe the solution you'd like
Need to add custom attributes that go under the "Do you want to add custom attributes" in the cognito console.
Describe alternatives you've considered
Currently I am just modifying the cloud formation template that amplify produces. Is this ok practice - to modify the cloud formation template that amplify provides? I understand I can't run amplify configure on the auth service going forward as that will likely remove my template modifications.
Additional context
See this for context and how amplify library supports custom attributes: https://aws.amazon.com/blogs/mobile/aws-amplify-adds-support-for-custom-attributes-in-amazon-cognito-user-pools/. I don't believe amplify cli auth module supports that out of the box.
The text was updated successfully, but these errors were encountered: