Use multiple API Gateway authorizers

0

Hello All, Is there a way to use multiple authorizers in API Gateway or chain the authorizers. For instance, check the signed headers with the default "AWS IAM" authorizer and check a custom token with a custom authorizer executing a Lambda? If this is not possible, what would be the best way to achieve it?

3 Answers
1
Accepted Answer

You can only have a single authorizer on every endpoint. If you need more than one, you will need to use a Lambda authorizer to verify both.

In addition to the authorizer you can specify a resource policy, include WAF and use mutual TLS. All pf these apply to all endpoints and they are evaluated in addition to the authorizer.

profile pictureAWS
EXPERT
Uri
answered 2 years ago
1

I know this is a really old question, but I have a similar issue to which the accepted answer isn't helpful. I AM using a lambda authorizer, of type TOKEN. But there I need to specify the issuer and audience, and I can't specify multiple issuers. So I am still stuck even with a lambda authorizer.... Any thoughts?

Dolf
answered 9 months ago
  • What do you mean by: I need to specify the issuer and audience, and I can't specify multiple issuers? Where do you need to specify them? If you need to look at multiple headers in the request, change the authorizer to REQUEST, which will send the entire request to the function.

0

similar issue. i want to use both mTLS and oAuth2 Cognito User_pool on API Gateway. so first i need to use an authorizer as a lambda authorizer to check the CRL. but then i can't get the Token by launching a second authorizer.

answered 9 months ago
  • As answered above, you can only have a single authorizer. If you need to check multiple things, do all of them in that authorizer. So in your case, you will need to check CRL and the token inside your Lambda authorizer.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions