CognitoIdentityProvider / Client / add_custom_attributes



Adds additional user attributes to the user pool schema.


Amazon Cognito evaluates Identity and Access Management (IAM) policies in requests for this API operation. For this operation, you must use IAM credentials to authorize requests, and you must grant yourself the corresponding IAM permission in a policy.

Learn more

See also: AWS API Documentation

Request Syntax

response = client.add_custom_attributes(
            'Name': 'string',
            'AttributeDataType': 'String'|'Number'|'DateTime'|'Boolean',
            'DeveloperOnlyAttribute': True|False,
            'Mutable': True|False,
            'Required': True|False,
            'NumberAttributeConstraints': {
                'MinValue': 'string',
                'MaxValue': 'string'
            'StringAttributeConstraints': {
                'MinLength': 'string',
                'MaxLength': 'string'
  • UserPoolId (string) –


    The user pool ID for the user pool where you want to add custom attributes.

  • CustomAttributes (list) –


    An array of custom attributes, such as Mutable and Name.

    • (dict) –

      A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a custom: prefix, and developer attributes with a dev: prefix. For more information, see User pool attributes.

      Developer-only attributes are a legacy feature of user pools, are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.

      • Name (string) –

        The name of your user pool attribute, for example username or custom:costcenter.

      • AttributeDataType (string) –

        The data format of the values for your attribute.

      • DeveloperOnlyAttribute (boolean) –


        You should use WriteAttributes in the user pool client to control how attributes can be mutated for new use cases instead of using DeveloperOnlyAttribute.

        Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won’t be able to modify this attribute using their access token. For example, DeveloperOnlyAttribute can be modified using AdminUpdateUserAttributes but can’t be updated using UpdateUserAttributes.

      • Mutable (boolean) –

        Specifies whether the value of the attribute can be changed.

        Any user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of true. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your User Pool.

      • Required (boolean) –

        Specifies whether a user pool attribute is required. If the attribute is required and the user doesn’t provide a value, registration or sign-in will fail.

      • NumberAttributeConstraints (dict) –

        Specifies the constraints for an attribute of the number type.

        • MinValue (string) –

          The minimum value of an attribute that is of the number data type.

        • MaxValue (string) –

          The maximum value of an attribute that is of the number data type.

      • StringAttributeConstraints (dict) –

        Specifies the constraints for an attribute of the string type.

        • MinLength (string) –

          The minimum length.

        • MaxLength (string) –

          The maximum length.

Return type:



Response Syntax


Response Structure

  • (dict) –

    Represents the response from the server for the request to add custom attributes.


  • CognitoIdentityProvider.Client.exceptions.ResourceNotFoundException

  • CognitoIdentityProvider.Client.exceptions.InvalidParameterException

  • CognitoIdentityProvider.Client.exceptions.TooManyRequestsException

  • CognitoIdentityProvider.Client.exceptions.NotAuthorizedException

  • CognitoIdentityProvider.Client.exceptions.UserImportInProgressException

  • CognitoIdentityProvider.Client.exceptions.InternalErrorException