amazon-web-servicesaws-api-gatewayapi-gateway

AWS Cognito authoriser gives 403 error with the valid token


I created Cognito authoriser for API Gateway and seems it throw 403 error when use the real token. I have tested this using test utility which comes with api gateway authoriser itself.

Created both ID token and user token using Cognito UI with the valid user. But seems the token is invalid. Anyone got same experience with auth errors when using Cognito authoriser?


Solution

  • I had same issue with ID token and access token. When you try the test utility, you need to use ID token and when you use a client like postman, then you need to use the access token. little bit confusing.

    This is a good explanation (Cognito Authoriser): https://youtu.be/9crTLAT_4uY This is for Lambda authorizer: https://youtu.be/rRQbVJhlpC4