Cognito User pool with JWT token


Hi, I am using Custom Authoriser with Cognito User Pool for securing my API gateway. Using the "client_credentials" grant type to generate the access token. As additional security, I would like to include IP restrictions or IP whitelisting to the Authoriser. Is there is any way that I can include this IP Whitelisting to my custom Cognito Authoriser?

Regards Jo

1 Answer
Accepted Answer
  • The requester's IP can be read via Enhanced Request Headers on the Custom Authorizer.
  • You can consider the Amazon API Gateway IP Allowlisting with a Resource Policy. See here for an example.
answered 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions