The set of arguments for constructing a CognitoAuthorizer resource.

interface CognitoAuthorizerArgs {
    authorizerName?: string;
    authorizerResultTtlInSeconds?: number;
    header?: string;
    identityValidationExpression?: string;
    methodsToAuthorize?: string[];
    providerARNs: any[];
}

Properties

authorizerName?: string

The name for the Authorizer to be referenced as. This must be unique for each unique authorizer within the API. If no name if specified, a name will be generated for you.

authorizerResultTtlInSeconds?: number

The number of seconds during which the resulting IAM policy is cached. Default is 300s. You can set this value to 0 to disable caching. Max value is 3600s. Note - if you are sharing an authorizer across more than one route you will want to disable the cache or else it will cause problems for you.

header?: string

The request header for the authorization token. If not set, this defaults to "Authorization".

identityValidationExpression?: string

A regular expression for validating the token as the incoming identity. It only invokes the authorizer if there is a match, else it will return a 401. Example: "^x-[a-z]+"

methodsToAuthorize?: string[]

For method authorization, you can define resource servers and custom scopes by specifying the "resource-server/scope". e.g. ["com.hamuta.movies/drama.view", "http://my.resource.com/file.read"] For more information on resource servers and custom scopes visit the AWS documentation - https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html

providerARNs: any[]

The ARNs of the Cognito User Pools to use.

Generated using TypeDoc