how to authenticate/Authorize https post request with Bearer token in api gateway?

Question

I have an api gateway with lambda set up , with resources/url set up. most of the examples i have seen in such REST API service set up for aws, is in the request header , client post request with "x-api-key" : somevalue, which in turn is used to authorization.

how to read a Bearer token in such scencario , or how to use bearer token and validate? do we have to write custom code to authenticate , while using bearer token? also , the set up i have in api gateway requires an api key, can i use bearer token value instead of api key or do i have to build a new service ( api gateway) to use this bearer token instead of api key?

Answer

Hi,

Assuming you are using the HTTP API with a JWT Authorizer, please,  take a look at this document : https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html

Then, go to this page to see how to write the Lambda authorizer: https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html

Best,

Didier

how to authenticate/Authorize https post request with Bearer token in api gateway?

相關內容