1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
I don't think what you are trying to do is possible. The error indicate that the built in JWT authorizer can't read the public key. Normally it tries to fetch the keys from https://<iss>/.well-known/jwks.json
however the keys for https://cognito-identity.amazonaws.com
is different per region, tryin to fetch https://cognito-identity.amazonaws.com/.well-known/jwks.json
result in an access denied.
Instead try and verify using your own custom authorizer using the normal JWT validation steps.
1: Get OpenId config from: https://cognito-identity.amazonaws.com/.well-known/openid-configuration
2: Use the jwks_uri to fetch list of keys (e.g https://cognito-identity.amazonaws.com/.well-known/jwks_uri)
3: Use kid in token to get the correct key
4: Perform validation
関連するコンテンツ
- AWS公式更新しました 3ヶ月前
- AWS公式更新しました 2年前