且构网

Trying to set up User Pool authentication for API Gateway

Updated: 2023-12-02 20:59:52

The AWS Signature authorization is different than a Custom Authorizer.

The AWS Signature authorization (Postman) requests an AWS AccessKey and SecretKey to authenticate requests. This corresponds to IAM Authentication in API Gateway. The AccessKey and SecretKey are received through IAM.

A Custom Authorizer takes a JWT called #id_token that is issued by your specified Cognito User Pool. To test the validity of the token, go to your custom authorizer and click test, and then copy and paste the token into the text area.

The way to perform the Custom Authorizer authentication is this:


  1. Obtain an #id_token from your user pool by following AWS Configuration
  2. Configure API Gateway with a Cognito custom Authorizer with your user pool as the source (seems that you have done this correctly)
  3. Use OAuth 2.0 as Authorization in Postman, with your #id_token as the Access Token, or add the header: Authorization with the value Bearer and the #id_token

Drop a comment if you want me to add the AWS Signature Auth Flow.