Admin and super admin Authorization and conditional rendering using AWS Amplify + React app

I am working on Amplify + React fullstack app and have created complete Authentication flow. I want to authorize users based on their roles i.e. admin, superadmin, user, etc. When I sign up a new user, I am seeing the details in AWS Cognito but I am not able to figure out the roles for the user. I have two solutions in mind.

Add a userType custom attribute in User table in AWS Cognito.
Create three different groups in the pool and handle them manually.

I want to know which solution is better. I am unable to find any help online so it would be great if the detailed steps are shared. Thanks in advance.

Solution

cognito groups are meant for exact same use cases. you can create a group named ADMIN and in your client you may check if the signed in user is part of ADMIN group like this

user.signInUserSession.accessToken.payload["cognito:groups"]?.includes("ADMIN")

Vue.js and and amplify for aws
Unrecognizable Lambda Output Cognito
AWS Cognito - IAM - Deny all access to public/unauth users - Federated
AWS Cognito - User pool xxxx does not exist
How to restrict AWS Cognito users from taking certain actions?
Invalidate AWS Cognito token at logout
AWS API Gateway Access vs Id Token
Get Cognito verification code in lambda to send SMS using local provider
Cognito: User Pool Client OAuth Scope Limitation
AWS Amplify Auth with Cognito User Pool not returning nonce or at_hash claim in JWT id_token
Get user attributes AWS Amplify iOS SDK
Are the Cognito User pool id and Client Id sensitive?
AWS-Cognito: Is it possible to edit the User Pool name after creating the User Pool?
AWS Cognito - Invalid Refresh Token
Terraform AWS OpenSearch using Cognito module circular problem
Add AWS IAM users to AWS Cognito Pool
AWS Cognito: Add custom claim/attribute to JWT access token
Getting AWS cognito attributes
How do I access the group for a Cognito User account?
Persisting login when users open new tab
AWS Cognito Hosted UI - Internationalization
Unable to verify secret hash for client in Amazon Cognito Userpools
AWS Cognito: Reset Expired Temporary Password
AWS Cognito Post authentication Lambda trigger - return NotAuthorizedException
Enabling and Configuring Password History on Cognito
How to link AWS Cognito native user to the federated user
Add role based authentication using next-auth in NextJS
Aws Cognito Oauth2: Refresh token rotation
Error while doing IdP initiated login using AWS Cognito
Why is Next.js throwing Error: WEBPACK_IMPORTED_MODULE is not a function?