Menu
AWS IoT
Developer Guide

CreateAuthorizer

Creates an authorizer.

Request syntax:

POST /authorizer/authorizerName Content-type: application/json { "authorizerFunctionArn": "string", "tokenKeyName": "string", "tokenSigningPublicKeys": { "string": "string" }, "status": "string" }

URI Request Parameters:

Name

Type

Req?

Description

authorizerName

AuthorizerName

yes

The authorizer name.

Request Body Parameters:

Name

Type

Req?

Description

authorizerFunctionArn

AuthorizerFunctionArn

yes

The ARN of the authorizer's Lambda function.

tokenKeyName

TokenKeyName

yes

The name of the token key used to extract the token from the HTTP headers.

tokenSigningPublicKeys

PublicKeyMap

yes

The public keys used to verify the digital signature returned by your custom authentication service.

status

AuthorizerStatus

no

The status of the create authorizer request.

Response syntax:

Content-type: application/json { "authorizerName": "string", "authorizerArn": "string" }

Response Body Parameters:

Name

Type

Req?

Description

authorizerName

AuthorizerName

no

The authorizer's name.

authorizerArn

AuthorizerArn

no

The authorizer ARN.

Errors:

ResourceAlreadyExistsException

The resource already exists.

HTTP response code: 409

InvalidRequestException

The contents of the request were invalid. For example, this code is returned when an UpdateJobExecution request contains invalid status details. The message contains details about the error.

HTTP response code: 400

LimitExceededException

The number of attached entities exceeds the limit.

HTTP response code: 410

ThrottlingException

The rate exceeds the limit.

HTTP response code: 429

UnauthorizedException

You are not authorized to perform this operation.

HTTP response code: 401

ServiceUnavailableException

The service is temporarily unavailable.

HTTP response code: 503

InternalFailureException

An unexpected error has occurred.

HTTP response code: 500

CLI

Synopsis:

aws iot create-authorizer \ --authorizer-name <value> \ --authorizer-function-arn <value> \ --token-key-name <value> \ --token-signing-public-keys <value> \ [--status <value>] \ [--cli-input-json <value>] \ [--generate-cli-skeleton]

cli-input-json format:

{ "authorizerName": "string", "authorizerFunctionArn": "string", "tokenKeyName": "string", "tokenSigningPublicKeys": { "string": "string" }, "status": "string" }

cli-input-json fields:

Name

Type

Description

authorizerName

string

length max:128 min:1

pattern: [w=,@-]+

The authorizer name.

authorizerFunctionArn

string

The ARN of the authorizer's Lambda function.

tokenKeyName

string

length max:128 min:1

pattern: [a-zA-Z0-9_-]+

The name of the token key used to extract the token from the HTTP headers.

tokenSigningPublicKeys

map

key: KeyName

value: KeyValue

The public keys used to verify the digital signature returned by your custom authentication service.

KeyName

string

length max:128 min:1

pattern: [a-zA-Z0-9:_-]+

KeyValue

string

length max:5120

status

string

enum: ACTIVE | INACTIVE

java class: iot.identity.service.AuthorizerStatus

The status of the create authorizer request.

Output:

{ "authorizerName": "string", "authorizerArn": "string" }

cli output fields:

Name

Type

Description

authorizerName

string

length max:128 min:1

pattern: [w=,@-]+

The authorizer's name.

authorizerArn

string

The authorizer ARN.

On this page: