Serverless API Gateway Auth via Cognito JWT


#1

Hey all. First post so sorry if this is in the wrong place. So I have an issue and am stuck with pages of purple Google links so any and all help is appreciated.

I have Cognito setup and client side I acquire a JWT for a given user.

I have noticed in other guides you can provide a Cognito arn as a property of an endpoints auth in the serverless.yml file. My endpoint now yields “unauthorized”: great!

Now, my question. Does this support, as is, work by sending the token through an authorization bearer header? I am having no luck.

I know you can write a custom authorizer lambda that checks the token, but wanted to first check and see if there was a simpler way I can configure an endpoint to be auth’d with my Cognito jwt.

If so, I would be pumped to get some insight into how and where I can learn more!

If not and the custom auth lambda is the suggested route, could anyone point me in the right direction of how to structure that?

Again, first post, so any and all help is greatly appreciated. Having a blast with serverless so far!