By using AWS re:Post, you agree to the Terms of Use
AWS re:Postre:Post
/Use multiple API Gateway authorizers/

Use multiple API Gateway authorizers

0

Hello All, Is there a way to use multiple authorizers in API Gateway or chain the authorizers. For instance, check the signed headers with the default "AWS IAM" authorizer and check a custom token with a custom authorizer executing a Lambda? If this is not possible, what would be the best way to achieve it?

Topics
Security Identity & ComplianceServerlessFront-End Web & MobileNetworking & Content DeliveryDevOpsMicroservicesAWS Well-Architected Framework
Tags
Security Identity & ComplianceAmazon API GatewayDevOpsMicroservicesSecurity
rePost-User-9535521
asked 13 days ago34 views
1 Answers
0

You can only have a single authorizer on every endpoint. If you need more than one, you will need to use a Lambda authorizer to verify both.

In addition to the authorizer you can specify a resource policy, include WAF and use mutual TLS. All pf these apply to all endpoints and they are evaluated in addition to the authorizer.

EXPERT
Uri
answered 13 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant questions