We have a custom authorizer for Auth0 configured in API Gateway. We want it to load different configuration values based on what stage it is invoked from. Is there a known way to handle this?
Asked
Active
Viewed 1,546 times
1 Answers
3
You have 2 options:
If you want to use the same authorizer function for both stages, you can parse the input passed to the function which includes the stage:
{ "type":"TOKEN", "authorizationToken":"<caller-supplied-token>", "methodArn":"arn:aws:execute-api:<regionId>:<accountId>:<apiId>/<stage>/<method>/<resourcePath>" }If you want to use different functions per stage you can make use of stage variables. Note: You will have to use the CLI or SDK to add an authorizer with a stage variable. An example with the CLI:
aws apigateway update-authorizer --rest-api-id <apidId> --authorizer-id <authorizerId> --patch-operations '[{"op":"replace","path":"/authorizerUri","value":"arn:aws:apigateway:<region>:lambda:path/2015-03-31/functions/arn:aws:lambda:<region>:<accountId>:function:${stageVaribles.authorizer}/invocations"}]'
Bob Kinney
- 8,870
- 1
- 27
- 35
-
Thanks! We chose to go with Option 1. I think for larger deployments where more configuration churn could exist #2 would require deployment scripting. – Todd Baur Jul 20 '16 at 21:45
-
var methodArn = event.methodArn.split('/')[1] || "development"; config = environments[methodArn]; – Todd Baur Jul 20 '16 at 21:46