堆栈内存溢出
  简体   繁体   English

与Cognito用户池集成后如何访问AWS API

[英]How to access AWS API after integrated with cognito user pool

 原文  2018-10-17 09:56:43       java/ amazon-web-services/ aws-lambda/ aws-api-gateway/ amazon-cognito

问题描述

I have created API for my Lambda function and tested URL in postman, I am able to view the response. 我已经为Lambda函数创建了API,并在邮递员中测试了URL,我可以查看响应。 Now, for security purpose I have integrated Cognito user pool authorizers to my API.Now I tried to use API and getting response as below 为了安全起见,我已经将Cognito用户池授权者集成到了我的API中,现在我尝试使用API​​并获得如下响应 

{
    "message": "Unauthorized"
}

I am having App client id and App client secret for my cognito user pool.Now,I need help for authenticating the API using postman. 我的Cognito用户池具有App客户端ID和App客户端密码。现在,我需要使用邮递员身份验证API的帮助。

1 个解决方案

解决方案1
 1 已采纳  2018-10-25 06:20:37

Depending on the specific resource method configuration you may need to send the ID Token instead of the Access Token. 根据特定的资源方法配置,您可能需要发送ID令牌而不是访问令牌。 It took some careful reading of the AWS docs Integrate an API with a User Pool . 仔细阅读了AWS文档“ 将API与用户池集成” Steps 6 and 7 are the key to determine which token should be sent. 步骤6和7是确定应发送哪个令牌的关键。 A summary is: 摘要是:

If on the secured Resource Method (Method Execution step) the OAuth Scopes setting is set to NONE an ID Token should be sent. 如果在安全的资源方法(方法执行步骤)上, OAuth Scopes设置设置为“ NONE ,则应发送ID令牌。 If a scope value is entered an Access Token should be sent. 如果输入了范围值,则应发送访问令牌。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Cognito 用户池:在 aws cognito java sdk 中 accessToken 过期后,如何使用 refreshToken 获取新的 accessToken? - Cognito user pool: How to use refreshToken to get new accessToken after accessToken gets expired in aws cognito java sdk? JAVA- AWS Cognito - 检查 Cognito 用户池中是否存在用户 - JAVA- AWS Cognito -Check if a user exists in Cognito User pool 如何以编程方式为 Java 中 AWS Cognito 用户池中的登录用户启用或禁用 MFA? - How to programmatically enable or disable MFA for a logged user in AWS Cognito user pool in Java? 如何通过Java API使用AWS Cognito对用户进行身份验证 - How to authenticate user using AWS Cognito via Java API 带有 Spring Boot 的 AWS Cognito 用户池服务器端流程 - AWS cognito user pool server side flow with spring boot 如何使用Java将用户注册到Amazon Cognito身份用户池 - How to register users to Amazon Cognito identity user pool by using Java 如何使用 Cognito 通过 android 更新用户池属性? - How do I use Cognito to update user pool attributes with android? 如何配置 AWS 用户认知身份验证流程以在 Java sdk 后端生成身份令牌、访问令牌? - How to configure AWS user cognito authentication flow for generating identity token,access token in Java sdk backend? 适用于通过Cognito用户池为Oauth客户端凭据流身份验证提供服务的AWS Java SDK吗? - AWS Java SDK for service to service Oauth client credentential flow authentication with Cognito user pool? AWS Cognito-使用SignInUI登录后获取用户数据 - AWS Cognito - Get user data after login with SignInUI
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM