Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

OAuth Scope based Authorization in AppSync

0

Assume we have Cognito user pools with one application (ex: photos app) with custom scopes defined (ex: photos.read). In https API GW, we can restrict the access using the scope and audience. This article is explains using group claims - https://aws.amazon.com/blogs/mobile/graphql-security-appsync-amplify/. Can we do similar authorization based on OAuth scope ?

Temas
Sin servidorWeb y móvil front-endIntegración de aplicacionesRedes y entrega de contenidoSeguridad, identidad y cumplimiento
Etiquetas
AWS AppSyncAmazon API GatewayAWS AmplifyAmazon Cognito
Idioma
English
Navin GV
preguntada hace 2 años555 visualizaciones
1 Respuesta
1

Hello!

I was taking a peek at your question and conversing with some colleagues, and I think I may have found an example CDK (AWS Cloud Development Kit) example that you may be able to test this with:

https://serverlessland.com/patterns/eventbridge-api-appsync-cdk

The serverlessland.com website is a site that our serverless developer advocates curate serverless patterns on, and after taking a peek at the page and corresponding GitHub page, I think this may be able to get you a head start on testing this.

Note it may spin up some infrastructure you don't need, but it will give you start on automating your deployments.

AWS
INGENIERO DE SOPORTE
Tim_P
respondido hace 2 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante