Menu
AWS IoT
API Reference

TestAuthorization

Test custom authorization.

Request Syntax

POST /test-authorization?clientId=clientId HTTP/1.1 Content-type: application/json { "authInfos": [ { "actionType": "string", "resources": [ "string" ] } ], "cognitoIdentityPoolId": "string", "policyNamesToAdd": [ "string" ], "policyNamesToSkip": [ "string" ], "principal": "string" }

URI Request Parameters

The request requires the following URI parameters.

clientId

The MQTT client ID.

Request Body

The request accepts the following data in JSON format.

authInfos

A list of authorization info objects. Simulating authorization will create a response for each authInfo object in the list.

Type: Array of AuthInfo objects

Array Members: Minimum number of 1 item. Maximum number of 10 items.

Required: Yes

cognitoIdentityPoolId

The Cognito identity pool ID.

Type: String

Required: No

policyNamesToAdd

When testing custom authorization, the policies specified here are treated as if they are attached to the principal being authorized.

Type: Array of strings

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w+=,.@-]+

Required: No

policyNamesToSkip

When testing custom authorization, the policies specified here are treated as if they are not attached to the principal being authorized.

Type: Array of strings

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w+=,.@-]+

Required: No

principal

The principal.

Type: String

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "authResults": [ { "allowed": { "policies": [ { "policyArn": "string", "policyName": "string" } ] }, "authDecision": "string", "authInfo": { "actionType": "string", "resources": [ "string" ] }, "denied": { "explicitDeny": { "policies": [ { "policyArn": "string", "policyName": "string" } ] }, "implicitDeny": { "policies": [ { "policyArn": "string", "policyName": "string" } ] } }, "missingContextValues": [ "string" ] } ] }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

authResults

The authentication results.

Type: Array of AuthResult objects

Errors

InternalFailureException

An unexpected error has occurred.

HTTP Status Code: 500

InvalidRequestException

The request is not valid.

HTTP Status Code: 400

LimitExceededException

The number of attached entities exceeds the limit.

HTTP Status Code: 410

ResourceNotFoundException

The specified resource does not exist.

HTTP Status Code: 404

ServiceUnavailableException

The service is temporarily unavailable.

HTTP Status Code: 503

ThrottlingException

The rate exceeds the limit.

HTTP Status Code: 429

UnauthorizedException

You are not authorized to perform this operation.

HTTP Status Code: 401

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: