2

We have our identity server implemented using identity server

https://github.com/IdentityServer/IdentityServer3 or https://github.com/IdentityServer/IdentityServer4

And user will authenticate and get the access token from the identity server. We have some APIs developed in AWS api gateway. Just wondering what is the common practice to implement the authentication / authorization in the aws api gateway. We would prefer to use the existing access token from the identity server in the API gateway.

Stay Foolish
  • 3,636
  • 3
  • 26
  • 30

1 Answers1

1

You will need to configure a custom authorizer on your API Gateway. The Custom Authorizer will use a Lambda Function to validate the Access Token. You will need to configure the Lambda Function to validate accordingly to your token. Here are some resources to help you configure the API Gateway Custom Authorizer with Lambda Function:

KiteCoder
  • 2,364
  • 1
  • 13
  • 29