HTTP API with JWT Authoriser

0

I have Cognito User Pool setup and used amplify setup for my page and got a ID token. I am trying to use that to authorize a HTTP API using JWT authorizer . Using the jwt.io I tried to decode the JWT and got the ISS. I have this setup .

Issuer = <iss value from token>
audience = aud (this has the app client id for the cognito user pool>
Identity source = $request.header.Authorization

Since I use the ID token, I did not setup any scope. I tried to test this with curl

curl -X POST <api endpoint> -H 'Authorization:<jsw ID token>'

I get

401: Unauthorised

Note : The API works fine if I detach the authorizer. Also, the token works fine if I create a REST API and configure the cognito authoriser

Would appreciate if someone can help.

Edited by: koude on Apr 23, 2020 6:42 PM

2개 답변
1

Hello, can you check the "www-authenticate" header in the response? There should be a message with additional information there.

AWS
답변함 4년 전
1

It helped. I had a wrong audience. Need to put the app_client_id of the Cognito User Pool in the "Audience" field of the JWT authorizer.

This is the value that is in the JWT for key "aud"

Thanks.

koude
답변함 4년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠