https://serverless-stack.com/ logo
#help
Title
# help
a

Adrian Schweizer

01/23/2022, 3:56 PM
So I have an api route that I'd normally want to be protected by IAM, but if the user checks a box, I'd want it to be publicly accessible. Any idea how to do that with SST? I've tried setting it to
authorizationType: sst.ApiAuthorizationType.NONE
but then in the lambda, the
requestContext.authorizer
is actually undefined.
I guess I could do it with two different routes, and only check the flag in the publicly accessible one, but trying to avoid having to set up multiple routes for this
r

Ross Coundon

01/23/2022, 5:07 PM
Where is the user checking the box? At runtime?
a

Adrian Schweizer

01/23/2022, 5:15 PM
yeah
r

Ross Coundon

01/23/2022, 6:18 PM
I guess you could define a custom authorizer and then do a check inside that as to whether to authenticate or allow
a

Adrian Schweizer

01/23/2022, 6:43 PM
sounds interesting, I'll check it out, thanks