Skip to content

ApiGatewayV2Authorizer

Reference doc for the `sst.aws.ApiGatewayV2Authorizer` component.

The ApiGatewayV2Authorizer component is internally used by the ApiGatewayV2 component to add authorizers to Amazon API Gateway HTTP API.

You’ll find this component returned by the addAuthorizer method of the ApiGatewayV2 component.


Constructor

new ApiGatewayV2Authorizer(name, args, opts?)

Parameters

Properties

id

Type Output<string>

The id of the authorizer.

nodes

Type Object

The underlying resources this component creates.

nodes.authorizer

Type Authorizer

The Amazon AppSync DataSource.

AuthorizerArgs

api

Type Input<Object>

The api to use for the route.

api.id

Type Input<string>

The ID of the api.

api.name

Type Input<string>

The name of the api.

jwt

Type Input<Object>

Create a JWT or JSON Web Token authorizer that can be used by the routes.

You can configure JWT auth.

{
jwt: {
issuer: "https://issuer.com/",
audiences: ["https://api.example.com"],
identitySource: "$request.header.AccessToken"
}
}

You can also use Cognito as the identity provider.

{
jwt: {
audiences: [userPoolClient.id],
issuer: $interpolate`https://cognito-idp.${aws.getArnOutput(userPool).region}.amazonaws.com/${userPool.id}`,
}
}

Where userPool and userPoolClient are:

const userPool = new aws.cognito.UserPool();
const userPoolClient = new aws.cognito.UserPoolClient();

jwt.audiences

Type Input<Input<string>[]>

List of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list.

jwt.identitySource?

Type Input<string>

Default “$request.header.Authorization”

Specifies where to extract the JWT from the request.

jwt.issuer

Type Input<string>

Base domain of the identity provider that issues JSON Web Tokens.

name

Type string

The name of the authorizer.

{
name: "myAuthorizer",
}

transform?

Type Object

Transform how this component creates its underlying resources.

transform.authorizer?

Type AuthorizerArgs | (args: AuthorizerArgs => void)

Transform the API Gateway authorizer resource.