更新时间:2023-12-05 22:07:04
AWS 签名授权不同于自定义授权者.
The AWS Signature authorization is different than a Custom Authorizer.
AWS 签名授权 (Postman) 请求 AWS AccessKey 和 SecretKey 来验证请求.这对应于 API 网关中的 IAM 身份验证.AccessKey 和 SecretKey 通过 IAM 接收.
The AWS Signature authorization (Postman) requests an AWS AccessKey and SecretKey to authenticate requests. This corresponds to IAM Authentication in API Gateway. The AccessKey and SecretKey are received through IAM.
自定义授权者采用名为 #id_token
的 JWT由您指定的 Cognito 用户池发布.要测试令牌的有效性,请转到您的自定义授权者并单击测试,然后将令牌复制并粘贴到文本区域中.
A Custom Authorizer takes a JWT called #id_token
that is issued by your specified Cognito User Pool. To test the validity of the token, go to your custom authorizer and click test, and then copy and paste the token into the text area.
执行自定义授权者身份验证的方式是这样的:
The way to perform the Custom Authorizer authentication is this:
OAuth 2.0
作为授权,您的 #id_token
作为访问令牌,或者添加标题:Authorization
和值Bearer
和 #id_token
#id_token
from the your user pool by following AWS ConfigurationOAuth 2.0
as Authorization in postman, with your #id_token
as the Access Token, Or add the header: Authorization
with the value Bearer
and the #id_token
如果您希望我添加 AWS 签名身份验证流程,请发表评论.
Drop a comment if you want me to add the AWS Signature Auth Flow.