My objective is for my user to sign-in using Cognito and get a temporary IAM role that allows them HTTP access to specific methods in API Gateway.
What I have done so far:
- set up my user pool
- set up my identity pool
set up IAM roles for authenticated and unauthenticated users
set up a group with an IAM role allowing access to POST to (at present) all API gateway methods.
put my user into the group
set up my API Gateway method to use
IAMauthorization
I can sign-in via Cognito in my browser using a front end created via Amplify.
When I check in the browsers local storage I can see I have the following:
idTokenaccessTokenrefreshToken
When I have done this using a COGNITO authorizer on the API Gateway all I had to do in Postman was add a Authorization header and paste in the idToken. This gave me access to the API.
How can I test my API using Postman with IAM authorization?
I am still given the tokens, but now pasting them in to the Authorization header gives me an error message:
Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter. Authorization header requires 'SignedHeaders' parameter. Authorization header requires existence of either a 'X-Amz-Date' or a 'Date' header.
I have read that I need to sign requests but I am unsure how I would do this from my web browser based application.
Even if I can do that how can I test in Postman, or is this no longer possible?
