1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
I don't think what you are trying to do is possible. The error indicate that the built in JWT authorizer can't read the public key. Normally it tries to fetch the keys from https://<iss>/.well-known/jwks.json
however the keys for https://cognito-identity.amazonaws.com
is different per region, tryin to fetch https://cognito-identity.amazonaws.com/.well-known/jwks.json
result in an access denied.
Instead try and verify using your own custom authorizer using the normal JWT validation steps.
1: Get OpenId config from: https://cognito-identity.amazonaws.com/.well-known/openid-configuration
2: Use the jwks_uri to fetch list of keys (e.g https://cognito-identity.amazonaws.com/.well-known/jwks_uri)
3: Use kid in token to get the correct key
4: Perform validation
관련 콘텐츠
- AWS 공식업데이트됨 3달 전
- AWS 공식업데이트됨 2년 전