amazon-web-services aws-lambda amazon-cognito access-token

Automatically getting AccessToken of authenticated-user in AWS Cognito PostAuthentication trigger event handler lambda


I need to have an AccessToken for a user who has just been authenticated through our web-app via Cognito APIs, and use it inside the code in my custom PostAuthentication trigger event handler lambda function, to update some user-attributes on the just authenticated user.

How can I get it?

I was hoping that the AccessToken value would already be available to the aforementioned lambda, either in its first [event] or second [context] argument, but it seems not to be present in there, according to the documentation, if I didn't read the wrong one at least.

Thank you.


Solution

  • No. We cannot retrieve the access token in this lambda. (In fact, the access token is generated at a later stage.)

    In order to update user attributes of the authenticated user, you should be able to use AdminUpdateUserAttributes action.

    In the event argument of the Post Authentication Lambda, there are two attributes called userName and userPoolId, as mentioned in the documentation. These values need to be passed in the AdminUpdateUserAttributes action.

    Please note that you should provide the permission in Post Authentication Lambda for cognito-idp:AdminUpdateUserAttributes.
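A sketch of the Post Authentication handler described in the answer above, added here as an example and not part of the original answer. It assumes Python with boto3, and the attribute name `custom:last_login` and the helper names are hypothetical.

```python
import datetime

# Assumption: "custom:last_login" is a hypothetical custom attribute defined
# on the user pool; substitute the attributes you actually need to set.
LAST_LOGIN_ATTR = "custom:last_login"


def _cognito_client():
    # Imported lazily so the module also loads where boto3 is absent
    # (for example in offline unit tests that inject a fake client).
    import boto3
    return boto3.client("cognito-idp")


def update_user(event, client, now=None):
    """Update attributes of the user identified by the trigger event.

    No access token is involved: the user is addressed by the userPoolId
    and userName fields that Cognito puts in the event, and the call is
    authorized by the Lambda execution role, which needs
    cognito-idp:AdminUpdateUserAttributes (ideally scoped to this pool's ARN).
    """
    user_pool_id = event.get("userPoolId")
    username = event.get("userName")
    if not user_pool_id or not username:
        raise ValueError("event is missing userPoolId or userName")

    now = now or datetime.datetime.now(datetime.timezone.utc)
    client.admin_update_user_attributes(
        UserPoolId=user_pool_id,
        Username=username,
        UserAttributes=[{"Name": LAST_LOGIN_ATTR, "Value": now.isoformat()}],
    )
    # Cognito expects the trigger to hand the event object back.
    return event


def lambda_handler(event, context):
    return update_user(event, _cognito_client())
```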