1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
I don't think what you are trying to do is possible. The error indicate that the built in JWT authorizer can't read the public key. Normally it tries to fetch the keys from https://<iss>/.well-known/jwks.json
however the keys for https://cognito-identity.amazonaws.com
is different per region, tryin to fetch https://cognito-identity.amazonaws.com/.well-known/jwks.json
result in an access denied.
Instead try and verify using your own custom authorizer using the normal JWT validation steps.
1: Get OpenId config from: https://cognito-identity.amazonaws.com/.well-known/openid-configuration
2: Use the jwks_uri to fetch list of keys (e.g https://cognito-identity.amazonaws.com/.well-known/jwks_uri)
3: Use kid in token to get the correct key
4: Perform validation
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren