Authorizers

There is a nifty concept called Lambda authorizers, where access to an API can be controlled by using either a Cognito User Pool or a Lambda function.

For an API protected by a Cognito User Pool authorizer, a token passed in a request header of choice is validated against a pool of tokens issued by Cognito.

For an API protected by a Lambda authorizer, a token supplied in the request header, a query parameter, or a stage context is passed to a Lambda function that is executed when the request is received by the API Gateway. The token-validation logic contained in the Lambda can be as complex and flexible as desired.
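As an illustration of the Lambda authorizer flow described above, here is an added example in Python; it is not code from the book. It assumes a TOKEN-type authorizer and an HS256-signed bearer token; `SECRET`, `sign`, `verify`, `policy` and `handler` are hypothetical names, and the key is constructed for the demo.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key (assumption); a real deployment loads it from a secrets store.
SECRET = b"demo-signing-key-not-for-production"

def b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(claims, key=SECRET):
    """Mint a sample HS256 token so the example can run offline."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def verify(token, key=SECRET, now=None):
    """Return the claims if algorithm, signature and expiry check out, else None."""
    try:
        head, body, sig = token.split(".")
        if json.loads(b64d(head)).get("alg") != "HS256":  # rejects "none" and others
            return None
        expected = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64d(sig)):  # constant-time compare
            return None
        claims = json.loads(b64d(body))
        now = time.time() if now is None else now
        if claims["exp"] <= now or not isinstance(claims["sub"], str):
            return None
        return claims
    except (ValueError, KeyError, TypeError, AttributeError):
        return None  # any malformed token fails closed

def policy(principal, effect, resource):
    """Build the IAM policy document API Gateway expects from an authorizer."""
    statement = {"Action": "execute-api:Invoke", "Effect": effect, "Resource": resource}
    return {"principalId": principal,
            "policyDocument": {"Version": "2012-10-17", "Statement": [statement]}}

def handler(event, context=None):
    """TOKEN authorizer entry point: allow the requested method or reject with 401."""
    raw = str(event.get("authorizationToken") or "")
    token = raw[7:] if raw.startswith("Bearer ") else raw
    claims = verify(token)
    if claims is None:
        raise Exception("Unauthorized")  # API Gateway maps this message to a 401
    return policy(claims["sub"], "Allow", event["methodArn"])
```

The policy is scoped to the exact `methodArn` that was requested rather than a wildcard, so a cached authorizer result cannot grant access to other methods.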

The official documentation describes it in more detail.
