更新时间:2023-12-02 20:59:52
AWS Signature授权与自定义授权者不同。
The AWS Signature authorization is different than a Custom Authorizer.
AWS Signature授权(邮递员)请求AWS AccessKey和SecretKey对请求进行身份验证。这对应于API网关中的 IAM身份验证。通过IAM接收AccessKey和SecretKey。
The AWS Signature authorization (Postman) requests an AWS AccessKey and SecretKey to authenticate requests. This corresponds to IAM Authentication in API Gateway. The AccessKey and SecretKey are received through IAM.
自定义授权者使用 JWT 由您指定的Cognito用户池发出的名为 #id_token
的>。要测试令牌的有效性,请转到自定义授权者并单击测试,然后将令牌复制并粘贴到文本区域。
A Custom Authorizer takes a JWT called #id_token
that is issued by your specified Cognito User Pool. To test the validity of the token, go to your custom authorizer and click test, and then copy and paste the token into the text area.
执行自定义方法授权者身份验证是这样的:
The way to perform the Custom Authorizer authentication is this:
#id_token
遵循 AWS配置 OAuth 2.0
作为邮递员中的授权,并使用您的 #id_token
作为访问令牌,或者添加标头: Authorization
值 Bearer
和 #id_token
#id_token
from the your user pool by following AWS ConfigurationOAuth 2.0
as Authorization in postman, with your #id_token
as the Access Token, Or add the header: Authorization
with the value Bearer
and the #id_token
如果要我添加AWS Signature Auth Flow,请删除注释。
Drop a comment if you want me to add the AWS Signature Auth Flow.