AWS API Gateway Websocket routes missing Cognito information

1
votes

I have Websocket API with $connect route authorization set to AWS_IAM. Once I connect with Cognito Identity Pool credentials, $connect route lambda integration's context has all Cognito data:

CognitoAuthenticationType=authenticated;
CognitoAuthenticationProvider=cognito-idp.us-west-2.amazonaws.com/us-west-2_xxxxxxx,cognito-idp.us-west-2.amazonaws.com/us-west-2_xxxxx:CognitoSignIn:user_id;
etc

But if I call any other Websocket route on the same connection, that route doesn't have any Cognito data.

What is the right way to get Cognito identity id in routes other then $connect?. I am using Golang SDK for lambda implementation.

1
amazon-web-servicesaws-lambdaaws-api-gatewayamazon-cognito

1 Answers

0
votes

I am using the AWS Gateway V2 API, with the WEBSOCKET protocol type, and Cognito (but with different credential handling than you have).

The Gateway V2 API allows the authentication lambda on the $connect route to return a context object along with the authentication response, and those context object values get passed along in the event object that gets sent to the route lambda.

The same context handling may have been added to the Gateway V1 API.

My implementation is in python, but once it settles down then I will likely convert it to Go to match the rest of the project.