By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cognito User pool with JWT token

0

Hi, I am using Custom Authoriser with Cognito User Pool for securing my API gateway. Using the "client_credentials" grant type to generate the access token. As additional security, I would like to include IP restrictions or IP whitelisting to the Authoriser. Is there is any way that I can include this IP Whitelisting to my custom Cognito Authoriser?

Regards Jo

Topics
ServerlessFront-End Web & MobileNetworking & Content DeliverySecurity, Identity, & Compliance
Tags
Amazon API GatewayAmazon Cognito User Pools
Language
English
Jo-Harrison
asked 2 years ago702 views
1 Answer
1
Accepted Answer
  • The requester's IP can be read via Enhanced Request Headers on the Custom Authorizer.
  • You can consider the Amazon API Gateway IP Allowlisting with a Resource Policy. See here for an example.
AWS
Rajarshi_D
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content