Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Authorization header (what about in form parameter?)

0

We currently support Authorization being passed in the header.

But we have one customer saying that they cannot pass header parameter and can only pass form parameter.

How can we enforce Auth if authorization is coming from form parameters?

Note: we are using Hydra as OAuth2 server

Themen
ServerlosFrontend-Web & MobileVernetzung & Bereitstellung von Inhalten
Tags
Amazon API-Gateway
Sprache
English
Johnson965
gefragt vor 5 Jahren302 Aufrufe
3 Antworten
1

Hello:

Unfortunately there is currently no native authorization in API Gateway that supports access to the payload (where form parameters would be present). You would have to pass this information to your integration and authorize the request in your integration.

Regards,
Bob

EXPERTE
AWS-User-0395676
beantwortet vor 5 Jahren
1

when you say Integration... you mean like in a Lambda Integration

Correct. Apologies for the inconvenience.

Regards,
Bob

EXPERTE
AWS-User-0395676
beantwortet vor 5 Jahren
0

when you say Integration... you mean like in a Lambda Integration. I will be checking the client credentials against hydra in one of the Lambda itself

that is exactly what I am thinking. But having doubts if it beats the best practices
unfortunately, we need to support the customer's needs

Johnson965
beantwortet vor 5 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt