En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Can I fully authenticate to AWS iOT through API Gateway HTTP using only header authentication methods?

0

HI

I am looking to build an app using FlutterFlow to interact with AWS iOT Core. The plan is to interact through the app and register iOT devices, and create / edit rules in iOT.

The issue is that FlutterWave only has simple API authentication. I.e. they only allow authorisation through headers in the HTTP request.

Is there a way to use Cognito or API Gateway, with a Lambda function if needed, to authenticate such that I can do more than shown here (publish mostly): https://docs.aws.amazon.com/solutions/latest/constructs/aws-apigateway-iot.html

Or, do I need to authenticate through Congito and IAM such that the user is authenticated fully, and can create iOT devices, edit rules etc?

There is also a way to authenticate through Firebase, not sure if that can help?

Thanks

Sujets
Internet des objets (IoT)Sans serveurCalculWeb et mobile front-endRéseaux et diffusion de contenuSécurité, identité et conformité
Balises
AWS IoT CoreAWS LambdaPasserelle API AmazonAmazon CognitoAWS IoT Device Management
Langue
English
AWS-User-6834750
demandé il y a 2 ans787 vues
1 réponse
1

You could implement custom authorizer to validate the header request before to forward the request to IoT as described in the link you posted.

If you want to use the REST API (as in the link posted) you can check here for information on how to create a custom authorizer via lambda. This would allow you to get the request header and verify it before your request is forwarded to IoT

If you want to use HTTP Api gateway (but I don't think you can link directly to IoT) you can check here

Miki
répondu il y a 2 ans
  • AWS-User-6834750
    il y a 2 ans

    Thanks Miki!

    I have looked through the documentation further and HTTP calls are restricted in what they can do, only publish.

    Plus, I don't think I can provision devices through the HTTP API.

    Do you know if there's a way to have someone hit an HTTP API gateway, and a Lambda function then upgrades that transmission to a MQTT or MQTT over WebSockets connection?

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents