Passing custom data from AWS Lambda Authorizer

Question

In short, I want to pass information from my custom Lambda Authorizer to the backend. I have an rest API GW with a proxy integrated lambda as backend. The return object form the custom authorizer looks like this the json below. In this case I want to pass var1 and var2 to the proxy lambda.

{
    "principalId": "ExecuteAPISid",
    "policyDocument": {
        "Version": "2012-10-17",
        "Statement": [{
            "Action": "execute-api:Invoke",
            "Effect": "Allow",
            "Resource": "*"
        }]
    },
    "context": {
        "var1": "hello_world",
        "var2": "hello_world2"
    }
}

I see that this question has been asked and answered previously, however the suggested solution, as mention for example here, refers to "header mappings" under Integration Request in the AWS API Gateway menu. For me however, I have no such options. Thus I have an idea of what I want to do but lack the ability to how to implement it.

Does anyone have an idea of how to implement these header mappings? Complete settings shown in image below.

Edit: After further digging it turns out that the issue relates to me using using a lambda-proxy integration. This answer highlights just that. However, that simply shifts my question to: why is my requestContext not containing the authorizer object.

Is the configured Integration request type a LAMBDA or LAMBDA_PROXY? If it is a lambda proxy then you don't need to map the headers from the request, it is automatically wired up - "Requests will be proxied to Lambda with request details available in the `event` of your handler function." — Ross Bush, Dec 08 '22 at 14:52
- In your lambda function try to output the event object and see if the headers and context values are already there. — Ross Bush, Dec 08 '22 at 14:55
I did, logg the entire event object and there is no trace of it. Which is what I expect reading online, which is the whole reason to why the mapping of headers are needed. — Frankster, Dec 08 '22 at 15:00
Did you define Request Headers/Request Body in the Method Request and are those values being sent over properly? — Ross Bush, Dec 08 '22 at 15:02
I don't know, honestly, could you refer me to something that gives me an idea of how to answer that? — Frankster, Dec 08 '22 at 15:10
https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html — Ross Bush, Dec 08 '22 at 15:12
Inside the auth lambda headers values can be added to the response -> See "Set up Lambda proxy integration using the AWS CLI" - there is an example of returning values on a lambda response. I *think* that is what you need here. — Ross Bush, Dec 08 '22 at 15:16
Your suggestion simply shows how to interact with regular http parameters or headers through the event object. — Frankster, Dec 08 '22 at 15:44

score 1 · Accepted Answer · answered Dec 09 '22 at 08:47

Turns out that when you are using proxy integration then the context object from the custom Authorizer Lambda is automatically passed through to the event as:

"requestContext": {
    "resourceId": "XXXX",
    "authorizer": {
        "var1": "hello_world1",
        "var2": "hello_world2",
        "principalId": "ExecuteAPIS",
        "integrationLatency": 780
    },

The problem was that I had forgotten to "deploy" my API GW.

Passing custom data from AWS Lambda Authorizer

1 Answers1