CreateAuthorizer - AWS IoT

CreateAuthorizer

Creates an authorizer.

Requires permission to access the CreateAuthorizer action.

Request Syntax

POST /authorizer/authorizerName HTTP/1.1 Content-type: application/json { "authorizerFunctionArn": "string", "enableCachingForHttp": boolean, "signingDisabled": boolean, "status": "string", "tags": [ { "Key": "string", "Value": "string" } ], "tokenKeyName": "string", "tokenSigningPublicKeys": { "string" : "string" } }

URI Request Parameters

The request uses the following URI parameters.

authorizerName

The authorizer name.

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w=,@-]+

Required: Yes

Request Body

The request accepts the following data in JSON format.

authorizerFunctionArn

The ARN of the authorizer's Lambda function.

Type: String

Length Constraints: Maximum length of 2048.

Pattern: [\s\S]*

Required: Yes

enableCachingForHttp

When true, the result from the authorizer’s Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds. This value does not affect authorization of clients that use MQTT connections.

The default value is false.

Type: Boolean

Required: No

signingDisabled

Specifies whether AWS IoT validates the token signature in an authorization request.

Type: Boolean

Required: No

status

The status of the create authorizer request.

Type: String

Valid Values: ACTIVE | INACTIVE

Required: No

tags

Metadata which can be used to manage the custom authorizer.

Note

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

Type: Array of Tag objects

Required: No

tokenKeyName

The name of the token key used to extract the token from the HTTP headers.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [a-zA-Z0-9_-]+

Required: No

tokenSigningPublicKeys

The public keys used to verify the digital signature returned by your custom authentication service.

Type: String to string map

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Key Pattern: [a-zA-Z0-9:_-]+

Value Length Constraints: Maximum length of 5120.

Value Pattern: [\s\S]*

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "authorizerArn": "string", "authorizerName": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

authorizerArn

The authorizer ARN.

Type: String

Length Constraints: Maximum length of 2048.

authorizerName

The authorizer's name.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w=,@-]+

Errors

InternalFailureException

An unexpected error has occurred.

HTTP Status Code: 500

InvalidRequestException

The request is not valid.

HTTP Status Code: 400

LimitExceededException

A limit has been exceeded.

HTTP Status Code: 410

ResourceAlreadyExistsException

The resource already exists.

HTTP Status Code: 409

ServiceUnavailableException

The service is temporarily unavailable.

HTTP Status Code: 503

ThrottlingException

The rate exceeds the limit.

HTTP Status Code: 400

UnauthorizedException

You are not authorized to perform this operation.

HTTP Status Code: 401

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: