Use of access tokens with AWS Cognito and API Gateway

Asked Oct 29 '17 at 21:16

Active Oct 29 '17 at 21:16

Viewed 162 times

I'm in the midst of implementing Cognito as the authorizer for my Lambda functions through API Gateway but just trying to wrap my head around a few concepts.

What is the purpose of access tokens with Cognito?

In order to authorize request I pass the id_token as the authorization header, which from my understanding you would normally pass the access token as the bearer.

The only way I see access tokens being used is if I build a custom autohrizer but since the logic is already all there there's no point.

Cheers

asked Oct 29 '17 at 21:16

Benjamin Sweney

I have validation all working just trying to understand the use of the access_token vs the _id_token – Benjamin Sweney Oct 29 '17 at 23:03
Yep. This is not a duplicate. This is more like access toke vs id token & when to use which one – agent420 Oct 31 '17 at 12:40
Precisely, so if someone could answer that would be great haha – Benjamin Sweney Nov 02 '17 at 03:53

Use of access tokens with AWS Cognito and API Gateway

0 Answers0