Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Access "aud" claim in resolver mapping for AWS AppSync

0

I am using OIDC Access tokens to authenticate calls to AWS AppSync. I would like to filter on the different client-ids that are using the API, but I am not able to access the claim "aud"

Is there a way to read the "aud" claim in the resolver template, or some other way of getting the client-id? $context.identity.aud does not work (NULL)

Temas
Sin servidorWeb y móvil front-endIntegración de aplicaciones
Etiquetas
AWS AppSync
Idioma
English
Ketil
preguntada hace 2 años347 visualizaciones
2 Respuestas
0
Respuesta aceptada

I found it myself, you can access all claims using:

$ctx.identity.claims.aud
Ketil
respondido hace 2 años
0

Hi, Sorry to crash this thread. Just wondering are you using AppSync GraphQL for the above case? And if so, are you calling your GraphQL Api directly from an external client via the GQL Api https://....../graphql URL? I am having an issue such that I am calling my GraphQL Api (testing via postman) via the https:// end-point. I am using AccessKey/SecretKey/Session token in the postman Authorization setting. I can hit the Api, and the resolver can see the incoming payload. However, my payload does NOT contain the "identity" property. The "augments" property is there, but not the "identity". According to documentation, if using AWS_IAM authentication, the "identity" should be there.

rePost-User-8196003
respondido hace 2 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante