1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
API Gateway supports only a single authorization method per route. If need something which is more complex than what API Gateway supports (Cognito or IAM), you will need to use a Lambda authorizer. In the authorizer you can check the source (based on maybe some secret header that you pass from the client) and if it is not your client, you check for the other token.
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 9 Monaten
You can use both Cognito and API keys, however, if you specify that API keys are required, they will be required for everyone.
Not really, but it is not very different than passing an API key.