fix: add custom attribute to cognito for OIDC and SAML deployments (#673)

* fix: add custom attribute to cognito for OIDC and SAML deployments

* make custom attribute optional

---------

Co-authored-by: Maryam Khidir <[email protected]>

Author: maryamkhidir

lib/authentication/index.ts

@@ -20,6 +20,10 @@ export class Authentication extends Construct {
   constructor(scope: Construct, id: string, config: SystemConfig) {
     super(scope, id);
 
+    const customAttributes = config.cognitoFederation?.enabled
+      ? { chatbot_role: new cognito.StringAttribute({ mutable: true }) }
+      : undefined;
+
     const userPool = new cognito.UserPool(this, "UserPool", {
       removalPolicy:
         config.retainOnDelete === true
@@ -34,6 +38,7 @@ export class Authentication extends Construct {
       signInAliases: {
         email: true,
       },
+      ...(customAttributes && { customAttributes }),
     });
 
     new cognito.CfnUserPoolGroup(this, "AdminGroup", {