En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Access "aud" claim in resolver mapping for AWS AppSync

0

I am using OIDC Access tokens to authenticate calls to AWS AppSync. I would like to filter on the different client-ids that are using the API, but I am not able to access the claim "aud"

Is there a way to read the "aud" claim in the resolver template, or some other way of getting the client-id? $context.identity.aud does not work (NULL)

Sujets
Sans serveurWeb et mobile front-endIntégration d'applications
Balises
AWS AppSync
Langue
English
Ketil
demandé il y a 2 ans347 vues
2 réponses
0
Réponse acceptée

I found it myself, you can access all claims using:

$ctx.identity.claims.aud
Ketil
répondu il y a 2 ans
0

Hi, Sorry to crash this thread. Just wondering are you using AppSync GraphQL for the above case? And if so, are you calling your GraphQL Api directly from an external client via the GQL Api https://....../graphql URL? I am having an issue such that I am calling my GraphQL Api (testing via postman) via the https:// end-point. I am using AccessKey/SecretKey/Session token in the postman Authorization setting. I can hit the Api, and the resolver can see the incoming payload. However, my payload does NOT contain the "identity" property. The "augments" property is there, but not the "identity". According to documentation, if using AWS_IAM authentication, the "identity" should be there.

rePost-User-8196003
répondu il y a 2 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents