HttpJwtAuthorizer

class aws_cdk.aws_apigatewayv2_authorizers.HttpJwtAuthorizer(id, jwt_issuer, *, jwt_audience, authorizer_name=None, identity_source=None)

Bases: object

Authorize Http Api routes on whether the requester is registered as part of an AWS Cognito user pool.

ExampleMetadata:

infused

Example:

from aws_cdk.aws_apigatewayv2_authorizers import HttpJwtAuthorizer
from aws_cdk.aws_apigatewayv2_integrations import HttpUrlIntegration


issuer = "https://test.us.auth0.com"
authorizer = HttpJwtAuthorizer("BooksAuthorizer", issuer,
    jwt_audience=["3131231"]
)

api = apigwv2.HttpApi(self, "HttpApi")

api.add_routes(
    integration=HttpUrlIntegration("BooksIntegration", "https://get-books-proxy.example.com"),
    path="/books",
    authorizer=authorizer
)

Initialize a JWT authorizer to be bound with HTTP route.

Parameters:
  • id (str) – The id of the underlying construct.

  • jwt_issuer (str) – The base domain of the identity provider that issues JWT.

  • jwt_audience (Sequence[str]) – A list of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list.

  • authorizer_name (Optional[str]) – The name of the authorizer. Default: - same value as id passed in the constructor

  • identity_source (Optional[Sequence[str]]) – The identity source for which authorization is requested. Default: [‘$request.header.Authorization’]

Methods

bind(*, route, scope)

Bind this authorizer to a specified Http route.

Parameters:
  • route (IHttpRoute) – The route to which the authorizer is being bound.

  • scope (Construct) – The scope for any constructs created as part of the bind.

Return type:

HttpRouteAuthorizerConfig