Maks Babarowski
03/27/2021, 11:12 PM<http://API.post|API.post>("notes", "/notes", {
body: note
});
However, API Gateway response for it is 401. I assumed Amplify takes care of appending authorization headers, JWT and whatever since it handles Cognito user pool authorization. Yet in the Amplify docs , it says one needs to explicitly add Bearer token to the request to perform JWT authorization.
Did I miss something following your guide?Jay
Maks Babarowski
03/27/2021, 11:16 PMJay
Jay
Jay
Maks Babarowski
03/27/2021, 11:39 PMidentityPoolId
. Isn't userPoolId
sufficient if I'm not using identity pools?
Amplify.configure({
Auth: {
mandatorySignIn: true,
region: config.cognito.REGION,
userPoolId: config.cognito.USER_POOL_ID,
userPoolWebClientId: config.cognito.APP_CLIENT_ID
},
API: {
endpoints: [
{
name: 'api',
endpoint: config.apiGateway.URL,
region: config.apiGateway.REGION
},
]
}
});
const config = {
apiGateway: {
REGION: 'us-east-1',
URL: '<https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com>',
},
cognito: {
REGION: 'us-east-1',
USER_POOL_ID: 'us-east-1_yyyyyyyyy',
APP_CLIENT_ID: 'foo',
}
};
Jay
Maks Babarowski
03/28/2021, 12:04 AMMaks Babarowski
03/28/2021, 12:05 AMcbeckley
03/28/2021, 12:18 AMJay
Maks Babarowski
03/28/2021, 2:14 PMhttpApi:
authorizers:
serviceAuthorizer:
identitySource: $request.header.Authorization
issuerUrl:
Fn::Join:
- ''
- - '<https://cognito-idp>.'
- '${opt:region, self:provider.region}'
- '.<http://amazonaws.com/|amazonaws.com/>'
- Ref: serviceUserPool
audience:
- Ref: serviceUserPoolClient
cors: true
(serviceUserPool
is AWS::Cognito::UserPool
and serviceUserPoolClient
is AWS::Cognito::UserPoolClient
). In the User Pool settings there's an option to enable additional federated identity providers, like Facebook, Google or SAML. Considering all of that, I'm almost certain I could get around without Identity Pools if it wasn't for Amplify API. Is it some dirty workaround what I'm doing here?Jay