Is it possible to chain authorizers in apigateway http api ?

Is it possible to chain authorizers in apigateway http api ? In the api gateway ui, I am only allowed to attach only one authorizer. We have 3 user personas, which has their own login and own cognito user pool.

We want to expose only one the new http api gateway and want to attach all the 3 authorizers i.e cognito user pools to authenticate .

I understand from this link, we can do it for rest api but want to understand whether we can do it for new http api gateway end point.

https://stackoverflow.com/questions/58453901/how-to-use-multiple-cognito-user-pools-for-a-single-endpoint-with-aws-api-gateway

주제

서버리스 프론트엔드 웹 및 모바일 네트워킹 및 콘텐츠 전송

태그

아마존 API 게이트웨이

언어

English

G V Navin

질문됨 일 년 전347회 조회

1개 답변

최신
최다 투표
가장 많은 댓글

수락된 답변

You can only have a single authorizer on every endpoint. If you need more than one, you will need to use a Lambda authorizer to verify both.

In addition to the authorizer you can specify a resource policy, include WAF and use mutual TLS. All pf these apply to all endpoints and they are evaluated in addition to the authorizer.

AWS-User-4371564

답변함 일 년 전

전문가

Antonio_Lagrotteria

검토됨 일 년 전

Uri 전문가
일 년 전
All true, expect HTTP APIs do not support WAF nor resource policies.

Is it possible to chain authorizers in apigateway http api ?

관련 콘텐츠