By using AWS re:Post, you agree to the Terms of Use
/OAuth Scope based Authorization in AppSync/

OAuth Scope based Authorization in AppSync


Assume we have Cognito user pools with one application (ex: photos app) with custom scopes defined (ex: In https API GW, we can restrict the access using the scope and audience. This article is explains using group claims - Can we do similar authorization based on OAuth scope ?

1 Answers


I was taking a peek at your question and conversing with some colleagues, and I think I may have found an example CDK (AWS Cloud Development Kit) example that you may be able to test this with:

The website is a site that our serverless developer advocates curate serverless patterns on, and after taking a peek at the page and corresponding GitHub page, I think this may be able to get you a head start on testing this.

Note it may spin up some infrastructure you don't need, but it will give you start on automating your deployments.

answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions