2 réponses
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
In theory, this should work out of the box as a JWT authoriser with APIGW HTTP APIs [1]. Every OAuth2/OIDC implementation has quirks, though, so interoperability isn't guaranteed. You'll need to work out the issuer endpoint for your authentication provider -- it should be the iss claim in a JWT issued by the provider.
Also, I'm pretty sure APIGW doesn't support redirecting unauthenticated requests to the authentication provider's authorisation endpoint. That might make things a bit trickier, depending on how your front-end app works.
[1] https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html
répondu il y a 4 ans
Contenus pertinents
- demandé il y a un an
- demandé il y a 8 mois
- demandé il y a 3 mois
- Réponse acceptéedemandé il y a 2 ans
- AWS OFFICIELA mis à jour il y a 10 mois