JWT regex for a specific aud

When configuring a Cognito Authorizer in API Gateway, a tooltip suggests providing a regex that will pre-validate the audience (aud).

I'm not clear on what the payload will be, so I'm not sure how to write this regex. Is there a sample regex available?

See this link for a screenshot: https://stackoverflow.com/questions/71014006/jwt-regex-for-a-specific-aud

主题

无服务器前端 Web 和移动网络和内容交付安全、身份和合规性

标签

亚马逊 API 网关 Amazon Cognito

语言

English

maxmoore14

已提问 2 年前643 查看次数

2 回答

最新
投票最多
评论最多

这些答案有用吗？为正确答案投票，以帮助社区从您的知识中受益。

已接受的回答

The tooltip actually talks about validating the token, i.e., the header, before sending it to Cognito. I do not think it makes a lot of sense to use it for a Cognito authorizer. It makes more sense when using a Lambda authorizer to make sure that the header contains the value in the right format. This will save you cost in the cases the format is invalid and then API Gateway will not invoke the function.

专家

Uri

已回答 2 年前

-1

sorry I wasn't able to help, removing my answer

Sri

已回答 2 年前

maxmoore14
2 年前
Please read the question.

JWT regex for a specific aud

相关内容