jwtAuthorizer - Custom JWT AWS Lambda Authorizer for Amazon API Gateway

A Custom Authorizer AWS Lambda function for Amazon API Gateway which takes a JSON Web Token (JWT) in Bearer format from Authorization HTTP header.

Read more about Custom Authorizers at AWS Docs.

The JWT is verified against a secret (in case of HSA encryption) and some other claims (should be at least audience and issuer).

The jwtAuthorizr lambda function makes use of the aweseome jsonwebtoken package at NPM.

Secret and claims can be different for every used stage environment. In this example, jwtAuthorizr lambda function reads them from environment variables which should be baked into the function deployment for each stage. But Lambda could also load them from e.g. S3 or DynamoDB or something completely different.

The token in the test event in test.json uses these secrets and claims:

iss: dasniko
aud: demo
secret: secret

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
.editorconfig		.editorconfig
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
index.js		index.js
package.json		package.json
serverless.yml		serverless.yml
test.json		test.json
yarn.lock		yarn.lock

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

jwtAuthorizer - Custom JWT AWS Lambda Authorizer for Amazon API Gateway

About

Uh oh!

Releases

Packages

Uh oh!

Languages

License

serverlessbuch/jwtAuthorizr

Folders and files

Latest commit

History

Repository files navigation

jwtAuthorizer - Custom JWT AWS Lambda Authorizer for Amazon API Gateway

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages