David Karlsson
Reputation: 9716
AWS JWT authorizer not supporting google issuer
the issuer in the tokens from google is: "accounts.google.com"
but the jwt-authorizer config requires an issuer url with "https://" in front
That means the google tokens never be accepted by the authorizer since the token iss claim is missing: https
Any one solved this?
Upvotes: 1
Views: 628
Answers (1)
David Karlsson
Reputation: 9716
if using some of the legacy oauth flow to authorize your app. you may get a token with the issuer above, make sure to use the OIDC config:
https://accounts.google.com/.well-known/openid-configuration
Then the issuer in the id-token should match the format required by AWS JWT-Authorizer (and specified in the OIDC spec ).
Upvotes: 1
Related Questions
- AWS authorizer returns 500, message: null, with AuthorizerConfigurationException error in response
- AWS Lambda Authorizer Missing from Method Request: Authorization options
- why only the token id is successful and not the access token when using Authorizers in API Gateway?
- Cloud Endpoints returning 401 Jwt issuer is not configured
- Auth0 authorizor rejects JWT token from service - "jwt issuer invalid. expected: https://myservice.auth0.com"
- Debugging AWS HTTP API (beta) JWT Authorizer
- AWS API Gateway authentication error IncompleteSignatureException using JWT with Auth0
- Google API -> Unable to obtain access token from JWT
- AWS API Gateway authorizer google sign in
- AWS google api authentication