-
Notifications
You must be signed in to change notification settings - Fork 193
Accessing user claims in lambda with AWS_IAM authorizer. #21
Comments
Rather use Lambda as a proxy and then use json dot notation to access the information from the event object in Lambda. Alternatively to that you can select the method pass through body mapping template that generates the vtl for you. make sure to pass $input for body. In both cases you can find the information in the event object of Lambda. you can log this to cloudwatch logs and have a look at the object there. |
@outmarch Did you resolve this? I am having the same issue. |
@Leon-Africa I think you misunderstand. The $context object seems to only have the needed info (usernam, email, etc) if you use the AppSync Auth type Cognito User Pools. If you use AWS_IAM for the Auth type, the |
@outmarch @honkskillet did you find any way to access the claims when using AWS_IAM? |
@outmarch did you resolve this? or is there any workaround? |
I am able to successfully use Cognito User pool, federated identities , APIG and Lambda. I am using AWS_IAM authoriser on APIG, I get the IAM policy and accordingly I can execute APIs.
I would like to get user claims like email, name in the lambda function. I did request body template mapping in integration request like below.
"email": "$context.authorizer.claims.email",
"cognitoIdentityPoolId": "$context.identity.cognitoIdentityPoolId",
I can access cognitoIdentityPoolId in lambda as event.cognitoIdentityPoolId but I dont get any value for email. Am I misiing anything? Will I get $context.authorizer.claims.email in case of AWS_IAM authorizer in APIG or using $context.identity.cognitoIdentityPoolId I need to get user claims?
Thanks in advance.
The text was updated successfully, but these errors were encountered: