Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

OAuth Scope based Authorization in AppSync

0

Assume we have Cognito user pools with one application (ex: photos app) with custom scopes defined (ex: photos.read). In https API GW, we can restrict the access using the scope and audience. This article is explains using group claims - https://aws.amazon.com/blogs/mobile/graphql-security-appsync-amplify/. Can we do similar authorization based on OAuth scope ?

Tópicos
Sem servidorWeb e dispositivos móveis front-endIntegração de aplicativosRede e entrega de conteúdoSegurança, identidade e conformidade
Tags
AWS AppSyncGateway do Amazon APIAWS AmplifyAmazon Cognito
Idioma
English
Navin GV
feita há 2 anos555 visualizações
1 Resposta
1

Hello!

I was taking a peek at your question and conversing with some colleagues, and I think I may have found an example CDK (AWS Cloud Development Kit) example that you may be able to test this with:

https://serverlessland.com/patterns/eventbridge-api-appsync-cdk

The serverlessland.com website is a site that our serverless developer advocates curate serverless patterns on, and after taking a peek at the page and corresponding GitHub page, I think this may be able to get you a head start on testing this.

Note it may spin up some infrastructure you don't need, but it will give you start on automating your deployments.

AWS
ENGENHEIRO DE SUPORTE
Tim_P
respondido há 2 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante