warrant icon indicating copy to clipboard operation
warrant copied to clipboard
verified publisher icon capless

Get user's group data

Open martinn opened this issue 7 years ago • 3 comments

Hi there, first of all, thanks for a great library and apologies if this exists already, haven't been able to find it.

Is it possible to get the groups assigned to a user? And similarly, be able to assign a group to a user when creating it?

I can see methods for retrieving group data but not linked to users.

Thanks!

martinn avatar Feb 14 '18 22:02 martinn

For future reference, the cognito groups are stored in the id_token under 'cognito:groups' when authenticating.

Unsure how to get them for each user.

martinn avatar Mar 16 '18 03:03 martinn

You do have access to the underlying boto3 client via the client attribute.

Then it's just a matter of reading the boto3 documentation, you can do something like

groups = u.client.admin_get_list_groups_for_user(Username=username)

aaronhayes avatar Jul 12 '18 05:07 aaronhayes

For future reference, the cognito groups are stored in the id_token under 'cognito:groups' when authenticating.

Unsure how to get them for each user.

You can decode the id_token with verify_token. Then it's just a matter of getting cognito:groups:

decodedIdToken = u.verify_token(u.id_token, 'id_token', 'id')
groups = decodedIdToken['cognito:groups']

ryanlwh avatar Jun 13 '21 14:06 ryanlwh