1
votes

I've managed to set up a third-party Google login by integrating it with Cognito user pools. On successful sign-on, I am able to access an id_token as a query parameter in the redirect URL.

I'm trying to sign REST calls to API Gateway using this id_token. I have an authorizer configured on that particular API using Cognito user pools. When I try to test this on the Authorizer UI by setting the Authorization (header) field to this id_token which I received as a query parameter, I keep getting an Unauthorized request error.

Also, I have configured an IAM policy for my user according to this doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-user-pool-authorizer-permissions.html

Can someone help me with what I'm doing wrong?

Thanks

1
Can you share your header, especially the authorization bit? And have you tested it in API Gateway to check it is working? – Ninad Gaikwad

I'm just setting the authorization header with Bearer <id_token>. My concern is if an id_token/access_token returned by AWS Cognito user pool authentication can be used directly this way to generate Access key/Secret key to sign API Gateway requests – user1506119

1 Answer

0
votes

Turns out you have to pass the access_token that Cognito returns as part of the authorization header. You can check whether your access token works by testing it in the UI offered by the Authorizer interface of API Gateway.
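To see which kind of token is actually in the Authorization value before testing it in the authorizer UI, the claims can be decoded locally. This is an added example, not part of the original answer; it relies on the `token_use`, `iss`, `exp` and `scope` claims that Cognito user pool tokens carry, and the pool id, client id and sample tokens are constructed placeholders.

```python
import base64
import json
import time

def b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def describe_cognito_token(header_value, expected_issuer, now=None):
    """Decode (NOT verify) the claims of a JWT taken from an Authorization value.

    Diagnostic only: the signature is not checked here; the authorizer does that.
    """
    token = header_value.strip()
    had_bearer = token.lower().startswith("bearer ")
    if had_bearer:
        token = token[7:].strip()
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    claims = json.loads(b64url_decode(parts[1]))
    now = time.time() if now is None else now
    return {
        "had_bearer_prefix": had_bearer,
        "token_use": claims.get("token_use"),          # "id" or "access"
        "issuer_matches": claims.get("iss") == expected_issuer,
        "expired": claims.get("exp", 0) <= now,
        "scopes": claims.get("scope", "").split(),     # present on access tokens
    }

def make_sample(claims):
    # Constructed, unsigned sample token for demonstration only.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'kid': 'sample'})}.{enc(claims)}.c2ln"

# Placeholder user pool issuer and client id (assumptions, not from the post).
ISSUER = "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE"
SAMPLE_ID = make_sample({"iss": ISSUER, "token_use": "id",
                         "aud": "exampleclient", "exp": 2000000000})
SAMPLE_ACCESS = make_sample({"iss": ISSUER, "token_use": "access",
                             "client_id": "exampleclient",
                             "scope": "openid email", "exp": 2000000000})

if __name__ == "__main__":
    for label, tok in (("id", SAMPLE_ID), ("access", SAMPLE_ACCESS)):
        print(label, describe_cognito_token("Bearer " + tok, ISSUER, now=1700000000))
```
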