sam-property-httpapi-httpapiauth.md

HttpApiAuth

Configure authorization to control access to your Amazon API Gateway HTTP API.

For more information about configuring access to HTTP APIs, see Controlling and managing access to an HTTP API in API Gateway in the API Gateway Developer Guide.

Syntax

To declare this entity in your AWS Serverless Application Model (AWS SAM) template, use the following syntax.

YAML

  [Authorizers](#sam-httpapi-httpapiauth-authorizers): OAuth2Authorizer | LambdaAuthorizer
  [DefaultAuthorizer](#sam-httpapi-httpapiauth-defaultauthorizer): String

Properties

Authorizers The authorizer used to control access to your API Gateway API.
Type: OAuth2Authorizer | LambdaAuthorizer
Required: No
Default: None
AWS CloudFormation compatibility: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent.
Additional notes: AWS SAM adds the authorizers to the OpenAPI definition.

DefaultAuthorizer Specify the default authorizer to use for authorizing API calls to your API Gateway API.
Type: String
Required: No
Default: None
AWS CloudFormation compatibility: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent.

Examples

OAuth 2.0 Authorizer

OAuth 2.0 authorizer example

YAML

Auth:
  Authorizers:
    OAuth2Authorizer:
      AuthorizationScopes:
        - scope1
        - scope2
      JwtConfiguration:
        issuer: "https://www.example.com/v1/connect/oauth2"
        audience:
          - MyApi
      IdentitySource: "$request.querystring.param"
  DefaultAuthorizer: OAuth2Authorizer