Accessing client context in a Lambda function via API Gateway

Question

I've created a Lambda function, and connected it to an API Gateway endpoint. My users are authenticating using Facebook via Cognito (so, obviously using a Federated Identity Pool). In my iOS app, I am able to authenticate properly, receive a Cognito Id back, and also properly execute my Lambda function by way of API Gateway.

Where I'm stuck now is attempting to access the user's identity in my lambda. I understand from other threads & the AWS docs that I should use able to access the identity via context.identity.cognitoIdentityId in JS. However, the context is always null.

Further digging suggested that the context is passed in the X-Amz-Client-Context header -- when I look at packets for the API Gateway call, I do not see that header being passed through. I am using the automatically generated SDK (ObjC) from Gateway for my endpoints.

What am I missing here?

Answer 1

I apologize for the confusion. You have 2 options for getting this value into your lambda function:

1. By passing via API Gateway. If you are using the Lambda Proxy, it should already be available in event.requestContext.identity.cognitoIdentityId.

2. By enabling use caller credentials in your integration. If you use this method, you will also need to add lambda:Invoke permissions to your Cognito role.