This might be obvious and stupid but can I use JWT...
# helpa
Ashishkumar Pandey
04/24/2022, 11:43 AMThis might be obvious and stupid but can I use JWT authorizer with my custom jwt implementation? Like I have my custom signup / signin endpoint that generates the token. Could someone verify if this will work or will I need to use Lambda authorizers to implement this?
b
Brinsley
04/25/2022, 7:29 AMThis should 100% work. You can use Lambda authorizers to intercept requests on an ApiGateway and validate your JWTs:
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html
Here's a blog post that might be of interest if you're looking for more detail about how to decode/validate tokens. It uses Auth0 as the token broker but it breaks down the overview flow well enough to roll your own:
https://levelup.gitconnected.com/creating-a-simple-serverless-application-using-typescript-and-aws-part-2-2f9192717015
f
Frank
04/27/2022, 9:13 PM
@Ashishkumar Pandey i haven’t done this, but I’m assuming the JWTAuthorizer just makes an api call to a endpoint under the JWT domain to validate the token behind the scene.
Frank
04/27/2022, 9:14 PM
If u implemented that endpoint manually, the JWTAuthorizer should work? 🤞
a
Ashishkumar Pandey
04/27/2022, 9:20 PMyes, working on it, creating a custom jwks, will update here. if this works, this would be a much better solution than lambda authorizers.