Securely Calling AWS Lambda from React

Use API Gateway Lambda authorizers

A Lambda authorizer is useful if you want to implement a custom authorization scheme that uses a bearer token authentication strategy such as OAuth or SAML, or that uses request parameters to determine the caller’s identity.

  1. The Lambda function authenticates the caller by means such as the following:
    • Calling out to an OAuth provider to get an OAuth access token.
    • Calling out to a SAML provider to get a SAML assertion.
    • Generating an IAM policy based on the request parameter values.
    • Retrieving credentials from a database.

How to secure API Gateway HTTP endpoints with a JWT authorizer

Add Okta authentication to a React app

Sign in Okta with redirect model

Github Okta sample app with redirect

Validate Okta token using lambda authorizer (PHP)

Okta: Integrate AWS API Gateway with Okta <-- backend

Beginner’s guide to JWT

Okta React SDK <-- front end

  • Login and logout from Okta using the OAuth 2.0 API
  • Retrieve user information
  • Determine authentication status
  • Validate the current user’s session

What is the Audience URI

Storing Okta token: local storage, session storage, cookie

import { OktaAuth } from '@okta/okta-auth-js';

const config = {
  // Required config: the Okta authorization server that issues the tokens
  issuer: 'https://{yourOktaDomain}/oauth2/default',

  // Required for the login flow using getWithRedirect(); redirectUri must be
  // registered on the Okta application or Okta rejects the redirect
  clientId: 'GHtf9iJdr60A9IYrR0jw',
  redirectUri: 'https://acme.com/oauth2/callback/home',

  // Parse the authorization code from the hash fragment instead of the search query
  responseMode: 'fragment',

  // Configure TokenManager to use sessionStorage (cleared when the tab closes)
  // instead of localStorage
  tokenManager: {
    storage: 'sessionStorage'
  }
};

const authClient = new OktaAuth(config);

Inputs into AWS Gateway authorizer