What authorizer to use: Lambda Custom Authorizer or AWS Cognito?


I have a AWS Lambda (NET 6) working with RDS. What to use: Lambda Custom Authorizer or AWS Cognito? If I understand correctly: to use Lambda Custom Auhorizer need develop my own Lambda function. To use AWS Cognito I do not need to develop anything but only add users pool and maintain AWS Gateway?

asked 9 days ago36 views
1 Answer
Accepted Answer

Hi Oleg,

Yes correct.

If you use Lambda authorizer, you will have to code the lambda handler yourself where you ll have to return an IAM policy to allow/deny the request. A dir net blueprint can be found here: https://github.com/awslabs/aws-apigateway-lambda-authorizer-blueprints/tree/master/blueprints/dotnet/src but you can use any supported languages for it.

With authorizers you are in full control.

For cognito you will have just to associate it to the api gw after you create an user pool. It provides certain features out of the box, but there are certain limitations (non able to add custom claims to access tokens, very rigid to update user pools after you create them). This will be driven by your requirements and risk appetite.

Hope it helps!

profile picture
answered 9 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions