Amplify-js: 400 after adding custom attribute

Created on 27 Mar 2018  路  4Comments  路  Source: aws-amplify/amplify-js

I created a user pool and realized after some while that I needed a new custom attribute. So I added the new attribute to my existing user pool. Now I get a 400 status code when I try to set the new attribute on some user

Auth.updateUserAttributes(user, { 'custom:myNewAttribute': 12345 });

When I create a new user pool and add the custom attribute before adding any users everything works as expected.

Does this mean, that I need to decide upfront on all potential custom attributes? What do I do when I need to edit an existing production user pool?

Auth documentation
Source
picture jkettmann

Most helpful comment

Should custom attribute keys have prefix custom: when I signUp or updateUserAttribute using Amplify?
I got this error: A client attempted to write unauthorized attribute when I tried to signUp a mutable custom attribute. 

Auth.signUp({
      username: email,
      password: pwd,
      attributes: {
        nickname, 'created_date' : currentDate
      }
    });

EDIT:
Found solution
Have to go to app clients -> set attribute read and write permissions -> set writable for these new custom_attributes
https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-attribute-permissions-and-scopes
https://stackoverflow.com/questions/44013901/amazon-cognito-a-client-attempted-to-write-unauthorized-attribute

picture Jun711 on 5 Apr 2018
👍9 🎉1

All 4 comments

@jkettmann for now the updateUserAttributes method only allows you to update attributes which already exist in your user attributes schema which means you cannot add new attribute. But Cognito do allow users to add custom attributes to the user pool schema so we will work on that to introduce this feature into amplify. Thanks.

powerful23 picture powerful23 on 27 Mar 2018

@jkettmann You can also add this attribute first in the user pool console and then that call should work

powerful23 picture powerful23 on 27 Mar 2018

Should custom attribute keys have prefix custom: when I signUp or updateUserAttribute using Amplify?
I got this error: A client attempted to write unauthorized attribute when I tried to signUp a mutable custom attribute. 

Auth.signUp({
      username: email,
      password: pwd,
      attributes: {
        nickname, 'created_date' : currentDate
      }
    });

EDIT:
Found solution
Have to go to app clients -> set attribute read and write permissions -> set writable for these new custom_attributes
https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-attribute-permissions-and-scopes
https://stackoverflow.com/questions/44013901/amazon-cognito-a-client-attempted-to-write-unauthorized-attribute

Jun711 picture Jun711 on 5 Apr 2018
👍9 🎉1

@mbahar can we add a note about this in the docs related to Auth / Custom Attributes

mlabieniec picture mlabieniec on 19 Apr 2018
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rygo6 picture rygo6  路  3Comments
callmekatootie picture callmekatootie  路  3Comments
josoroma picture josoroma  路  3Comments
lucasmike picture lucasmike  路  3Comments
karlmosenbacher picture karlmosenbacher  路  3Comments