How to add email to Cognito access token?

I'm using AWS Cognit, and when validating the access token I need to extract the email attribute to handle some migration cases between the app's database and Cognito.

but the issue is that I can't find the email in the token; instead, I get a username, which is a UUID.

is there any way to include the email to the access token (without making an extra call to pre-token-generation-lambda)?

Solution

This is not currently supported. Your backend can however send the access token to the Cognito user info endpoint to get the email.

You can then produce a useful claims principal containing the email. Then cache the extra claims for subsequent backend requests. See this code of mine for an example.

How to debug Bearer error="invalid_token"
How to allow multiple accounts on the same browser in flask?
how do i link login form to html website on computer
Kubernetes Authentication no re-create token
What should we store in the session when using session-based authentication?
Use React Authentication with .NET backend?
How to authenticate large numbers of amazon S3 get requests
Can a client-side login be safe?
I'm trying to connect with my Heroku app and when I enter my email and password, it's asking me "Enter the code generated by your authenticator app."
How to generate COMMON KEY RING to Share cookies across subdomains?
django after submit login info, does not lead to intended detail view page
Getting OAuth code challenge on loopback server
Unable to login to GitHub account even with correct credentials
10 second delay between login and shell prompt.
Accessing private Azure Blob Storage using BlobServiceClient
Supabase signUp returning AuthRetryableFetchError 504
Cypress can't find the password field in the Microsoft Login
Where is correct place to authenticate users from multiple places?
symfony - getting logged out at form->handleRequest
Laravel auth vs Passport vs Sanctum
Hit web endpoints behind Devise authentication with non-browser request in a Rails app
HERE Geocoder API: authentication problem
Cookie LoginPath not redirecting to path
why my postman basic auth not working correctly?
AWS Cognito: Missing Scopes in Access Token with Custom UI and Device Remember Functionality for MFA
Cypress test starts from the begining for every test case
Auth.js v5 Database Session Strategy for Credential Provider Returning Null
NET MAUI unable to implement social login for Android and iOS
Proper design for th Keycloak auth with APIs and UI
AuthenticationFailed while calling azure api