API Gateway WEBSOCKET- How to use multiple authorizers for each route of an websocket?

Question

I would like to add a Lambda authorizer to each route of my API Gateway WebSocket. 
However, according to the documentation, it is only possible to use a Lambda authorizer function for the $connect route (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-lambda-auth.html). 
Is there any other way I can use multiple authorizers for each route of my WebSocket?

Thank you so much.

rePost-User-2464452 · Accepted Answer

Hello,

Warm Greetings of the day!

I understand that you wish to attach the Lambda authorizer for all routes like $connect route in WebSocket API Gateway. Please note that the WebSocket connection is a stateful connection. Hence, authorization will be performed at connection time and this setting is applied to the entire API and not just the $connect route. The $connect route protects the other routes, because it is called on every connection.

The routes like $default/custom routes are invoked after the WebSocket connection is already established. At this point, the client has already connected successfully, so authorization is not required from a security perspective.

However, if you are looking for authorization in Websocket API for all the other routes, you need to implement this in the backend. Here, the backend needs to perform the validation and decide if it wants to authenticate the connection or not.

Hope this answers your query. Thank you!

API Gateway WEBSOCKET- How to use multiple authorizers for each route of an websocket?

Add your answer

Relevant content