JWT regex for a specific aud

When configuring a Cognito Authorizer in API Gateway, a tooltip suggests providing a regex that will pre-validate the audience (aud).

I'm not clear on what the payload will be, so I'm not sure how to write this regex. Is there a sample regex available?

See this link for a screenshot: https://stackoverflow.com/questions/71014006/jwt-regex-for-a-specific-aud

Topics

Serverless Front-End Web & Mobile Networking & Content Delivery Security, Identity, & Compliance

Tags

Amazon API Gateway Amazon Cognito

Language

English

maxmoore14

asked 2 years ago650 views

2 Answers

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Accepted Answer

The tooltip actually talks about validating the token, i.e., the header, before sending it to Cognito. I do not think it makes a lot of sense to use it for a Cognito authorizer. It makes more sense when using a Lambda authorizer to make sure that the header contains the value in the right format. This will save you cost in the cases the format is invalid and then API Gateway will not invoke the function.

EXPERT

Uri

answered 2 years ago

-1

sorry I wasn't able to help, removing my answer

Sri

answered 2 years ago

maxmoore14
2 years ago
Please read the question.

Relevant content

Using Cognito Developer Identities on API Gateway JWT Authorizer
j0nd0n7
asked 10 months ago
Should I use Cognito Identity Pool OIDC JWT Connect Tokens in the AWS API Gateway?
Brandon-Ellis-AI
asked 2 years ago
CloudFormation regex validation error in Cognito::LogDeliveryConfiguration: CloudWatchLogsConfiguration.LogGroupArn
Accepted Answer
Nico
asked 4 months ago
Kafka connect Regex Transform not working in the MSK Connect
AWS-User-0607495
asked 2 years ago
Why am I getting API Gateway 401 Unauthorized errors after creating a Lambda authorizer?
AWS OFFICIALUpdated 2 years ago
What's the difference between the logout endpoint and the GlobalSignOut API in Amazon Cognito?
AWS OFFICIALUpdated a year ago
How can I configure a custom domain endpoint for multiple API Gateway APIs behind a CloudFront web distribution?
AWS OFFICIALUpdated 2 years ago
How can I use a client certificate issued by a third party when configuring mutual TLS authentication for API Gateway APIs?
AWS OFFICIALUpdated a year ago
How to build a unified authorization layer for identity providers with Amazon Verified Permissions
EXPERT
JohnT
published 14 days ago
How to use JWT tokens for authorization with AWS KMS in NodeJs Lambdas
EXPERT
Antonio_Lagrotteria
published a month ago