 

AWS API Gateway custom authorizer. How to access principalId in lambda

So I am trying to set up a custom authorizer in API Gateway.

I can get it to forward a request with a valid token to the lambda function specified in the API method. I cannot figure out how to access the principalId passed on by my authorizer though.

When executing the request I get the following in the CloudWatch log:

Authorizer result body before parsing:
{
  "principalId": "16",
  "policyDocument": {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Condition": {},
        "Action": "execute-api:Invoke",
        "Resource": [
          "arn:aws:execute-api:eu-central-1:****:***/null/*/*"
        ],
        "Effect": "Allow"
      },
      {
        "Condition": {},
        "Action": "execute-api:Invoke",
        "Resource": [],
        "Effect": "Deny"
      }
    ]
  }
}

So how do I access the principalId in my lambda function? Is the object even passed on to lambda? And if it is not, how do I get at least the principalId to be passed?

ppgcc74 asked Aug 20 '17 14:08




1 Answer

The principalId can be (and by default is) forwarded to the Lambda implementation. Depending on your mapping, the principalId should appear in the context variable.

You can access the principalId value in a mapping template using the $context.authorizer.principalId variable. This is useful if you want to pass the value to the backend. For more information, see Accessing the $context Variable.

Use API Gateway Custom Authorizers

jens walter answered Nov 21 '22 16:11
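
An added example, not part of the answer above: a Python Lambda handler that reads the authorizer's principalId either from a Lambda proxy integration event (`requestContext.authorizer.principalId`) or from a non-proxy event built with the mapping template shown in the comment, and fails closed when it is absent. The names `principal_from_event` and `MissingPrincipal`, the mapped field name `principalId`, and the sample events are assumptions of this example.

```python
import json

# Mapping template for a non-proxy Lambda integration (Integration Request,
# content type application/json). The event field name "principalId" is this
# example's choice:
#
#   { "principalId": "$context.authorizer.principalId" }


class MissingPrincipal(Exception):
    """Raised when the event carries no authorizer-supplied principalId."""


def principal_from_event(event):
    """Return the principalId set by the custom authorizer.

    Headers, query string and body are client-controlled and are never
    consulted; only the authorizer context (or its mapped copy) is trusted.
    """
    authorizer = (event.get("requestContext") or {}).get("authorizer") or {}
    principal = authorizer.get("principalId")
    if principal is None and "requestContext" not in event:
        # Non-proxy event: the mapping template above placed the value here.
        principal = event.get("principalId")
    # An unset $context variable renders as an empty string, so reject that too.
    if not isinstance(principal, str) or not principal:
        raise MissingPrincipal("no principalId from authorizer")
    return principal


def handler(event, context):
    try:
        principal = principal_from_event(event)
    except MissingPrincipal:
        # Fail closed: no authorizer on the method, or the mapping is wrong.
        return {"statusCode": 401, "body": json.dumps({"error": "unauthenticated"})}
    # Response shape is the one Lambda proxy integration expects.
    return {"statusCode": 200, "body": json.dumps({"principalId": principal})}


# Constructed sample events (not captured from a real API).
PROXY_EVENT = {
    "headers": {"X-Principal-Id": "999"},
    "body": '{"principalId": "999"}',
    "requestContext": {"authorizer": {"principalId": "16"}},
}
MAPPED_EVENT = {"principalId": "16"}
NO_AUTHORIZER_EVENT = {"headers": {"X-Principal-Id": "999"}, "requestContext": {}}
```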