In AWS Cognito, you can add a user to a group (after first creating a group). A user may belong to one or more groups.
With using the JavaScript SDK (https://github.com/aws/amazon-cognito-identity-js), is there a way to read the assigned Groups? Would aws-sdk provide access over amazon-cognito-identity-js?
If you just need the Cognito UserPools Groups the Authenticated User is a member of, instead of making a separate API call, that data is encoded in the idToken.jwtToken that you received when authenticating.
This is useful for client-side rendering/access decisions in angular/react/etc. apps.
See the "cognito:groups" array claim in this example decoded idToken.jwtToken:
{
"sub": "a18626f5-a011-454a-b4c2-6969b3155c24",
"cognito:groups": [
"uw-app-administrator",
"uw-app-user"
],
"email_verified": true,
"iss": "https://cognito-idp.<region>.amazonaws.com/<user-pool-id>",
"cognito:username": "<my-user-name>",
"given_name": "<my-first-name>",
"aud": "<audience-code>",
"token_use": "id",
"auth_time": 1493918449,
"nickname": "Bubbles",
"exp": 1493922049,
"iat": 1493918449,
"email": "<my-email>"
}
Hope this helps.