Get user's group data

Question

Get user's group data

martinn opened this issue 7 years ago · 3 comments

Hi there, first of all, thanks for a great library and apologies if this exists already, haven't been able to find it.

Is it possible to get the groups assigned to a user? And similarly, be able to assign a group to a user when creating it?

I can see methods for retrieving group data but not linked to users.

Thanks!

Answer 1 · 2018-03-16T03:40:48.000Z

For future reference, the cognito groups are stored in the id_token under 'cognito:groups' when authenticating.

Unsure how to get them for each user.

Answer 2 · 2018-07-12T05:39:53.000Z

You do have access to the underlying boto3 client via the client attribute.

Then it's just a matter of reading the boto3 documentation, you can do something like

groups = u.client.admin_get_list_groups_for_user(Username=username)

Answer 3 · 2021-06-13T14:00:12.000Z

For future reference, the cognito groups are stored in the id_token under 'cognito:groups' when authenticating.

Unsure how to get them for each user.

You can decode the id_token with verify_token. Then it's just a matter of getting cognito:groups:

decodedIdToken = u.verify_token(u.id_token, 'id_token', 'id')
groups = decodedIdToken['cognito:groups']