For some reason, in my express app, the event.requestContext.identity.cognitoIdentityId is null, but I could get event.requestContext.authorizer.claims['cognito:username'] after much messing around with serverless. So I have two questions:
What is required in my app for cognitoIdentityId to not be null?
Is cognito:username safe to use as an alternative? I’m wanting to lock down certain express routes using it.