Today, AppSync supports four authorization types - API_KEY, AWS_IAM, OPENID_CONNECT, and AMAZON_COGNITO_USER_POOLS. This PR adds support for a 5th type: AWS_LAMBDA. Customers will be able to create their own AWS Lambda function, which will determine whether to authorize each request based on an authorization token that the customer provides to Amplify.
The developer experience is very similar to OPENID_CONNECT. Today, customers can provide their own OIDC token to Amplify by implementing an OIDCTokenProvider, and providing it to the AWSApiPlugin like this:
Today, AppSync supports four authorization types -
API_KEY
,AWS_IAM
,OPENID_CONNECT
, andAMAZON_COGNITO_USER_POOLS
. This PR adds support for a 5th type:AWS_LAMBDA
. Customers will be able to create their own AWS Lambda function, which will determine whether to authorize each request based on an authorization token that the customer provides to Amplify.The developer experience is very similar to
OPENID_CONNECT
. Today, customers can provide their own OIDC token to Amplify by implementing anOIDCTokenProvider
, and providing it to theAWSApiPlugin
like this:For AWS Lambda custom auth, developers can provide their own token by implementing a
CustomAuthProvider
like this:By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.