Basic demonstration of authorizing a JWT with a Lambda Authorizer. The authorizer function (`AuthController`) "guards" the actual business function (`DemoController`). They are deployed into an API Gateway.
This project uses the Client Credentials flow for machine-to-machine communication.
Deploys with Serverless Framework.
- Authentication/Authorization service like Auth0 (if using it, create both a machine-to-machine "application" and an "API" that accepts the MTM app)
- You have set the environment variables (`JWKS_URI` is required; `AUDIENCE` and `ISSUER` are optional) in `serverless.yml`
- An AWS account
- Logged into AWS in your environment
- Clone the repo
- `npm install` to install dependencies
- `npm run deploy` to deploy to AWS
Headers:

- `Content-Type`: `application/json`
- `Authorization`: `Bearer {{ACCESS_TOKEN}}`
In the case of Auth0, you'd pass the token you get from calling your application (URL like `https://{{ID}}-{{RANDOM_ID}}.{{REGION}}.auth0.com/oauth/token`)
Request:

`POST {url}/{stage}/demo`

Request body:

`{}`

Response:

`"This is the secured demo function responding"`