Type Alias AuthorizationProps<AuthScopesT>

Type declaration

• { type: "NONE" }

  No authentication, for when you want a fully public route (or handle authentication in the backend integration).

• { type: "IAM" }

  AWS IAM authorization. https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-access-control-iam.html

• { type: "COGNITO_USER_POOL" } & CognitoUserPoolAuthorizerProps<AuthScopesT>

  Creates a custom Lambda authorizer which reads Authorization: Bearer <access token> header and verifies the token against a Cognito user pool.

• { type: "BASIC_AUTH" } & BasicAuthAuthorizerProps

  Creates a custom Lambda authorizer which reads Authorization: Basic <base64-encoded credentials> header and verifies the credentials against a given secret.

• { type: "COGNITO_USER_POOL_OR_BASIC_AUTH" } & CognitoUserPoolOrBasicAuthAuthorizerProps<
      AuthScopesT,
  >

  Creates a custom Lambda authorizer which allows both:

  • Authorization: Bearer <access token> header, for which the token is checked against the given Cognito user pool
  • Authorization: Basic <base64-encoded credentials> header, for which the credentials are checked against the credentials from the given basic auth secret name

  If either of these are given and valid, the request is authenticated.

• { type: "CUSTOM_LAMBDA_AUTHORIZER" } & CustomLambdaAuthorizerProps

  Creates a custom authorizer with the given Lambda function. Use this if you have custom authorization logic, and the other authorizers from this construct don't meet your needs.

  https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html