How do you guys deal with API gateway endpoints that optionally require auth? Is there a way to tell the authorizer to let it pass through even if the auth header is missing? I can work around it by creating public vs private endpoints (maybe best practice) but was curious
g
gligor
07/22/2021, 10:17 PM
never had one like this, but thinking about it, I’d probably not have an authoriser attached to this endpoint and would handle the split logic in the function itself
o
Omi Chowdhury
07/22/2021, 10:50 PM
Yeah I have a public and a private graphql endpoint - both pointed to the same graphql lambda
Omi Chowdhury
07/22/2021, 10:51 PM
For webhooks I have them go directly into eventbridge via an API gateway template
f
Frank
07/22/2021, 10:52 PM
Hey @thdxr if you are using a Lambda authorizer, u can have the conditional logic in the Lambda function?