Use API Gateway Lambda authorizers
A Lambda authorizer is useful if you want to implement a custom authorization scheme that uses a bearer token authentication strategy such as OAuth or SAML, or that uses request parameters to determine the caller’s identity.
The Lambda function authenticates the caller by means such as the following:
- Calling out to an OAuth provider to get an OAuth access token.
- Calling out to a SAML provider to get a SAML assertion.
- Generating an IAM policy based on the request parameter values.
- Retrieving credentials from a database.
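The check a Lambda authorizer performs on a bearer token before it returns an IAM policy, as an added example (not code from the original page, AWS or Okta). It assumes an RS256 JWT and a TOKEN-type authorizer event; the key pair, audience, ARN and the helper names `signJwt`, `verifyJwt` and `authorize` are constructed for illustration.

```javascript
// Constructed setup: a local RSA key pair stands in for the issuer's published signing key.
const crypto = require('node:crypto');
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const expected = { issuer: 'https://{yourOktaDomain}/oauth2/default', audience: 'api://default' }; // audience assumed
const sampleArn = 'arn:aws:execute-api:us-east-1:123456789012:abc123/prod/GET/items'; // constructed

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');

// Build a signed RS256 JWT; used here only to produce sample input.
function signJwt(claims, key, header = { alg: 'RS256', typ: 'JWT' }) {
  const signingInput = `${b64url(header)}.${b64url(claims)}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(signingInput), key);
  return `${signingInput}.${sig.toString('base64url')}`;
}

// Verify algorithm, signature, issuer, audience and expiry; return the claims or throw.
function verifyJwt(token, key, { issuer, audience }, now = Date.now() / 1000) {
  const [h, p, s] = token.split('.');
  if (!h || !p || !s) throw new Error('malformed token');
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  // Pin the algorithm: the token header must not choose how it is verified.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  if (claims.iss !== issuer || claims.aud !== audience) throw new Error('wrong iss/aud');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  return claims;
}

// Map a verified caller to the IAM policy document API Gateway expects.
function authorize(event, key, exp) {
  const token = (event.authorizationToken || '').replace(/^Bearer\s+/i, '');
  try {
    const claims = verifyJwt(token, key, exp);
    const statement = { Action: 'execute-api:Invoke', Effect: 'Allow', Resource: event.methodArn };
    return {
      principalId: claims.sub,
      policyDocument: { Version: '2012-10-17', Statement: [statement] },
    };
  } catch (err) {
    // "Unauthorized" makes API Gateway answer 401 without exposing the reason to the caller.
    throw new Error('Unauthorized');
  }
}

// Lambda entry point; in a deployment the key comes from the issuer, not from this file.
exports.handler = async (event) => authorize(event, publicKey, expected);
```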
How to secure API Gateway HTTP endpoints with JWT authorizer
Add Okta authentication to React app
Sign in Okta with redirect model
GitHub Okta sample app with redirect
Validate Okta token using lambda authorizer (PHP)
Okta Integrate AWS API Gateway with Okta <–backend
- Login and logout from Okta using the OAuth 2.0 API
- Retrieve user information
- Determine authentication status
- Validate the current user’s session
Storing Okta token: local storage, session storage, cookie
```javascript
import { OktaAuth } from '@okta/okta-auth-js';

const config = {
  // Required config
  issuer: 'https://{yourOktaDomain}/oauth2/default',

  // Required for login flow using getWithRedirect()
  clientId: 'GHtf9iJdr60A9IYrR0jw',
  redirectUri: 'https://acme.com/oauth2/callback/home',

  // Parse authorization code from hash fragment instead of search query
  responseMode: 'fragment',

  // Configure TokenManager to use sessionStorage instead of localStorage
  tokenManager: {
    storage: 'sessionStorage'
  }
};

var authClient = new OktaAuth(config);
```