How do I authorize users based on their group in the Cognito user pool in the API Gateway authorizer? I am aware id_token and access_token have cognito:groups in the payload, but how do I access it?

0

I have a Java service running in Lambda, a simple hello world application with a GET API. I have also configured an API Gateway with the Cognito user pool as my authorizer. In my Cognito user pool, I have created a group (say admin) and added a few of my users to that group. Now I want users who are in the admin group alone to access my API. At this point, any user who has signed up for the service and has valid tokens is allowed access. I would like to know if:

  1. I can do this with the Cognito authorizer in the API Gateway itself or some other means with minimal code.
  2. If not, how to implement this in Java. Is there any documentation for the same?
1 Answer
0

Using the Solution Overview depicted in this blog as a reference, can you describe which step you are having trouble with?

https://aws.amazon.com/blogs/security/building-fine-grained-authorization-using-amazon-cognito-api-gateway-and-iam/

answered 10 months ago
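
One way to enforce the admin-only rule inside the Java Lambda itself, as an added example that is not part of the original thread or the linked blog. It assumes a REST API with the Cognito user pool authorizer and Lambda proxy integration, so the validated token's claims arrive under `requestContext.authorizer.claims`; the class and method names are hypothetical, and the string shapes handled for `cognito:groups` are assumptions to verify against a real event.

```java
import java.util.*;

// Added example: deny-by-default group check on the cognito:groups claim.
public class GroupCheck {
    static final String REQUIRED_GROUP = "admin"; // group name from the question

    // Normalize the claim into a set of exact group names.
    // Assumption: it may arrive as a list, as "a,b", or as "[a b]",
    // and group names contain no commas or whitespace.
    static Set<String> groupsOf(Object claim) {
        Set<String> groups = new HashSet<>();
        if (claim instanceof Collection<?>) {
            for (Object g : (Collection<?>) claim) groups.add(String.valueOf(g).trim());
        } else if (claim instanceof String) {
            String s = ((String) claim).replaceAll("^\\[|\\]$", "");
            for (String g : s.split("[,\\s]+")) if (!g.isEmpty()) groups.add(g);
        }
        return groups; // empty when the claim is missing or malformed
    }

    // Walk event -> requestContext -> authorizer -> claims, tolerating absent levels.
    static Object readClaim(Map<String, Object> event, String name) {
        Object node = event;
        for (String key : new String[] {"requestContext", "authorizer", "claims"}) {
            if (!(node instanceof Map)) return null;
            node = ((Map<?, ?>) node).get(key);
        }
        return node instanceof Map ? ((Map<?, ?>) node).get(name) : null;
    }

    // Exact set membership, never a substring match: 200 to proceed, 403 to refuse.
    static int authorize(Map<String, Object> event) {
        return groupsOf(readClaim(event, "cognito:groups")).contains(REQUIRED_GROUP) ? 200 : 403;
    }

    // Builds a constructed sample event (not captured traffic).
    static Map<String, Object> eventWithGroups(String groups) {
        Map<String, Object> claims = Map.of("cognito:groups", groups);
        Map<String, Object> ctx = Map.of("authorizer", Map.of("claims", claims));
        return Map.of("requestContext", ctx);
    }

    public static void main(String[] args) {
        System.out.println(authorize(eventWithGroups("users,admin")));
        System.out.println(authorize(eventWithGroups("not-admin,administrators")));
        System.out.println(authorize(Map.of())); // no authorizer context at all
    }
}
```

In a real handler the `event` argument is the map Lambda passes to the function; the second sample shows why a substring test on the raw claim string would wrongly admit look-alike group names.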