Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Is it possible to chain authorizers in apigateway http api ?

0

Is it possible to chain authorizers in apigateway http api ? In the api gateway ui, I am only allowed to attach only one authorizer. We have 3 user personas, which has their own login and own cognito user pool.

We want to expose only one the new http api gateway and want to attach all the 3 authorizers i.e cognito user pools to authenticate .

I understand from this link, we can do it for rest api but want to understand whether we can do it for new http api gateway end point.

https://stackoverflow.com/questions/58453901/how-to-use-multiple-cognito-user-pools-for-a-single-endpoint-with-aws-api-gateway

Topics
ServerlessFront-End Web & MobileNetworking & Content Delivery
Tags
Amazon API Gateway
Language
English
asked 3 years ago603 views
1 Answer
2
Accepted Answer

You can only have a single authorizer on every endpoint. If you need more than one, you will need to use a Lambda authorizer to verify both.

In addition to the authorizer you can specify a resource policy, include WAF and use mutual TLS. All pf these apply to all endpoints and they are evaluated in addition to the authorizer.

AWS
answered 3 years ago
EXPERT
reviewed 3 years ago
  • Uri Segev EXPERT
    3 years ago

    All true, expect HTTP APIs do not support WAF nor resource policies.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content