Search code examples
amazon-web-servicesamazon-cognitoaws-amplifyaws-appsync

Store user attributes in Cognito or AppSync?

I'm using AWS Amplify and I'm wondering is it best to store user attributes as custom Cognito attributes or in a user table for AppSync?

Cognito approach:

'username': 'jdoe',
'password': 'mysecurepassword#123',
'attributes': {
    'email': 'me@domain.com',
    'phone_number': '+12135555555',
    'custom:favorite_flavor': 'Cookie Dough'  // custom attribute, not standard
}
  • Pros: Single source of truth
  • Cons: Not part of the API

AppSync approach:

type User 
    @model 
    @auth(
        rules: [
          {allow: owner, ownerField: "owner", operations: [create, update, delete, read]},
        ])
{
    id: ID!
    owner: String
    favoriteFlavor: String
}
  • Pros: All the capabilities of the API
  • Cons: Each person has two "users" (a Cognito user and a table user)

If the AppSync approach is best, should other fields carry over to the table (like the name or email)?

Thanks!

Solution

  • From my experience, use both is the best.

    1. Fields related with authenticated (email, username, phone, ...), save it on both Cognito and DB. 1 Cognito custom attribute "custom:id" to mapping with User "id" in DB.
    2. Other attributes, save them to DB for more flexible. Because cognito Custom attributes can't be searched, and the Cognito APIs Limit (request per second) is not good for using regularly: https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html, so save and fetch from DB is better.
    3. When user update fields related authenticated, you have to update on both Cognito and DB.

    Hope this help you.