How do you guys deal with API gateway endpoints th...
# help
t
How do you guys deal with API gateway endpoints that optionally require auth? Is there a way to tell the authorizer to let it pass through even if the auth header is missing? I can work around it by creating public vs private endpoints (maybe best practice) but was curious
g
never had one like this, but thinking about it, I’d probably not have an authoriser attached to this endpoint and would handle the split logic in the function itself
o
Yeah I have a public and a private graphql endpoint - both pointed to the same graphql lambda
For webhooks I have them go directly into eventbridge via an API gateway template
f
Hey @thdxr if you are using a Lambda authorizer, u can have the conditional logic in the Lambda function?
t
Yeah that's true