How to implement role based log-in

First of all thanks a lot for writing such an awesome tutorial.

I am working on a personal project where i have requirements based on userbase. Few use-cases

  1. Displaying application menu. I am thinking that the menu items will be fetched using lambda and based on role, only specific items will be available to specific role

  2. Role base action. There will be multiple use-cases where a user (admin) can do one action but another user can’t do the same action.

Now if i am using AWS Cognito, how would i implement roles and how would i customize them based on my requirements.

1 Like

Replying to bump this thread.

So there are multiple ways to do this. You can use User Pool Groups:

But we ended up doing it ourselves.

Thanks. Can you elabore how did you do it by yourself.

One of my use-case is that a user would be assigned a role by admin. so i am not sure how this use-case will be implemented on web where a user’s pool group will be modified via an admin

I think a simple way would be when the app loads, you can load the user info from the DB, load the role as a prop (or context) in your React app, and use that across your code. Also, for certain API calls check the role on the backend before doing an action. So this doesn’t rely on Cognito, it requires you to manage the permissions yourself.

1 Like