且构网

Trying to set up User Pool authentication for API Gateway

Updated: 2023-12-05 22:07:04

The AWS Signature authorization is different than a Custom Authorizer.

The AWS Signature authorization (Postman) requests an AWS AccessKey and SecretKey to authenticate requests. This corresponds to IAM Authentication in API Gateway. The AccessKey and SecretKey are received through IAM.

A Custom Authorizer takes a JWT called #id_token that is issued by your specified Cognito User Pool. To test the validity of the token, go to your custom authorizer and click test, and then copy and paste the token into the text area.

The way to perform the Custom Authorizer authentication is this:

  1. Obtain an #id_token from your user pool by following AWS Configuration
  2. Configure API Gateway with a Cognito custom Authorizer with your user pool as the source (seems that you have done this correctly)
  3. Use OAuth 2.0 as Authorization in Postman, with your #id_token as the Access Token, or add the header: Authorization with the value Bearer and the #id_token

Drop a comment if you want me to add the AWS Signature Auth Flow.