my design is setting up auth token and refresh token storing in http-only cookie. i do generate http-only cookie via api gateway and lambda. i successfully store the token in cookie. my design want to pass the cookie within request to appsync for some authenticated service. the authentication logic will be verify token when client pass request with cookie to appsync in lambda resolver. i have set the cookie as header even with proxy server. However, in appsync endpoint, i still cannot receive cookie header. Any solution can make appsync receive custom cookie header then passing to lambda do verification? My target apply region is in HK where do not support cognito. My design will main rely in graphql api (appsync) and only api gateway for cookie distribution.
