Custom attribute not passed into ID_TOKEN created by AWS Cognito

Question

I am not able to get custom attribute in ID_TOKEN returned from AWS Cognito after successful user login.

Steps I tried :

1.Created user pool 2.C

Answer 1

I had the same trouble and your question came up when I was searching for a solution.

My custom attributes started to appear in ID token when I enabled profile scope in 'App client settings'. (available at: AWS console-> 'User pools'-> click your pool -> 'App client settings' -> 'Allowed OAuth Scopes')

(BTW: I was misled by this sentence from the documentation: "The openid scope returns all user attributes in the ID token that are readable by the client". In my case openid scope was not enough.)

Answer 2

• In your Cognito user pool go to General Settings -> App Clients, then for each app client click on Show Details, then Set attribute read and write permissions. Check the checkbox next to your attribute name under Readable Attributes.
• In your Cognito user pool go to App client settings -> Allowed OAuth Scopes and enable profile scope.