En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

How do I authorize users based on their group in the cognito user pool in the API gateway authorizer? I am aware id_token and access_tokens have cognito: groups in the payload, but how to access it?

0

I have a Java service running in lambda. simple hello world application with a get API. I have also configured an API gateway with the cognito user pool as my authorizer. In my Cognito user pool, I have created a group (say admin) and added a few of my users to that group. Now I want users who have an admin group alone to access my API. At this point, any user who has signed up for the service and has valid tokens are allowed access. I would like to know if

  1. I can do this with cognito authorizer in the API gateway itself or some other means with minimal code.
  2. If not how to implement this java. Are there any documentation for the same?
Sujets
Sans serveurWeb et mobile front-endRéseaux et diffusion de contenuSécurité, identité et conformitéFramework AWS Well-Architected
Balises
Passerelle API AmazonAmazon CognitoSécuritéGroupes d'utilisateurs d’Amazon Cognito
Langue
English
Sivakami
demandé il y a 10 mois341 vues
1 réponse
0

Using the Solution Overview depicted in this blog as a reference, can you describe which step you are having trouble with?

https://aws.amazon.com/blogs/security/building-fine-grained-authorization-using-amazon-cognito-api-gateway-and-iam/

profile picture
cyrk-aws
répondu il y a 10 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents