使用AWS re:Post即您表示您同意 AWS re:Post 使用条款
AWS re:Postre:Post

Is it a good way to implement custom authorization logic(like an API call to validate header parameters) in Lambda Authorizers?

0

Hi,

I want to add some authorization logic in every API Gateway other than token authentication to secure my APIs. My custom logic includes call an API to validate my header parameters. If the user have that permission it will generate an allow policy. Is it is possible to implement in custom authorizer? Or is there any other methods available to validate my custom header?

Can we throw custom message from Lambda Authorizer based on our requirement?

Thanks

主题
无服务器计算前端 Web 和移动网络和内容交付
标签
AWS Lambda亚马逊 API 网关
语言
English
AWS-User-9476241
已提问 2 年前487 查看次数
1 回答
1

Hi.

You can use the header verification function for simple regular expressions.
If you need custom validation using an external API, I think the Lambda authorizer is a good choice.

What does custom message throw mean? Please tell me the scenario.

profile picture
专家
iwasa
已回答 2 年前
  • AWS-User-9476241
    2 年前

    Hi,

    Thanks for the answer.

    I want message format like this

     {
    "errorCode": "xyz_12#",
    "errorType": "Constraint error",
    "errorMessage": "Need administrative permisssion to perform this action"
};

    This error message may be dynamic based on the user role.

    Thanks

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则

相关内容