Questions tagged [aws-lambda-authoriser]

I have an API gateway with CORS and a default authorizer, but obviously I don't want my options requests to be authorized. Luckily AWS made the attribute "AddDefaultAuthorizerToCorsPreflight" which when set to "false" should make sure that the…

I am developing an API with AWS API Gateway, and the authorization to consume the API endpoints is based on JWT tokens. As a requirement, the server needs to follow strictly the behavior described in RFC 6750: "OAuth 2.0 Bearer Token Usage". In…

I am writing a custom lambda authoriser used for a V2 HTTP APIGateway. The authoriser is using the V2 Simple response format. I have various checks i.e. check a header exists, validate the token, check for custom claims etc. If any of these fails I…