Can we migrate the AWS Cognito users between the user pools

+5 votes
I am using AWS Cognito. I have a pretty common scenario: users can register in different roles. Depending upon the roles, different user attributes are required, right?  so for that,  I really need to use different user pools.

Now a user is willing to upgrade from role A to role B - do I need to move his account from one pool to another. Is this possible with AWS? Can we export/migrate users out of AWS Cognito, does it cause vendor lock-in? seems to indicate the opposite.
If not possible this way, what would be a reliable solution to achieve requiring different user attributes depending on different user roles with AWS Cognito. NOTE that it requires/verifying them only on the front end is not a possible solution.
Apr 13, 2018 in AWS by Flying geek
• 3,280 points

edited Apr 13, 2018 by Flying geek 10,583 views

2 answers to this question.

+1 vote
Best answer

Yes, it is possible that this scenario is best solved by using Groups instead of a separate user pool for each one of the role. 
You can check on this link: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html
When you open this link to find out how to transfer users to a new pool (for example:  you want to create a new user pool in order to change how your users log in), then there isn't any built-in way to do this. However, there are solutions that you can be built in order to migrate users, for that you can check this link: https://aws.amazon.com/blogs/mobile/migrating-users-to-amazon-cognito-user-pools/

Create your new user pool.
Modify your client to do the following:

On a failed sign in with new user pool, try to sign in with old user pool.
If existing user pool sign-in is successful, use the username and password that was submitted to the existing sign in to create a user on the new user pool.
Possibly do something to remove the user from the old user pool or mark them as migrated.
Take a look at this flowchart here, this might help:

You can export users and import them to a new user pool with a CSV file, but your users need to change their password for that.

answered Apr 13, 2018 by Cloud gunner
• 4,670 points

selected Aug 1, 2018 by Priyaj
+1 vote

There are two ways you can import or migrate users from your existing userdirectory or user database into Amazon Cognito User PoolsYou can migrate users when they sign-in using Amazon Cognito for the first time with a user migration Lambda trigger.
You can get a brief detail on 
https://aws.amazon.com/blogs/mobile/migrating-users-to-amazon-cognito-user-pools/

answered Aug 1, 2018 by bug_seeker
• 15,510 points

Related Questions In AWS

0 votes
2 answers
+9 votes
17 answers

AWS VPC - What is the difference between Internet Gateway & NAT

Internet Gateway An Internet Gateway is a logical connection ...READ MORE

answered Apr 24, 2018 in AWS by Flying geek
• 3,280 points

edited Jul 10, 2023 by Khan Sarfaraz 128,619 views
0 votes
1 answer

Want to use an AWS Cognito User Pool without putting a password(for an easier approach)

Currently, AWS Cognito is not supporting passwordless ...READ MORE

answered May 4, 2018 in AWS by Cloud gunner
• 4,670 points
5,520 views
+15 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
• 8,450 points
4,053 views
+2 votes
1 answer
+5 votes
2 answers

Can we export/migrate users from AWS cognito, does it cause vendor lock-in?

Cognito actually has the capability to import ...READ MORE

answered Aug 1, 2018 in AWS by bug_seeker
• 15,510 points
5,041 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP