Is it possible to use sequence: Cognito Authorizer and Lambda Athorizer?


I have a NET 6 Web REST API service deployed as Lambda and works with RDS PostgreSQL database.

What do you think about my idea? It is:

  1. Create User pool
  2. Declare Cognito Authorizer in AWS Gateway ("allow" or "deny")
  3. If its response is "Allow" then use my Lambda Custom authorizer: email+password stored in my database, return a role: User, Power User, Admin, Superadmin.
2 Answers

Hi Oleg :)

I think this answer outlines well the options for role based authorizations:

Hope it helps

profile picture
answered a year ago

Hi, @Oleg.

I understand that "AWS Gateway" is "API Gateway".

You cannot set multiple authorizers in combination in API Gateway.
So you have to implement your custom logic in the Lambda authorizer.

Validate Cognito's JWT in Lambda and check for the target user pool. Then perform custom processing.
The following documents may be helpful.

profile picture
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions