问题
I am having an Architecture where I am using API Gateway with Cognito User Pool Authorizer and I am passing the IdToken in Authorization Header from client side ReST call.
It is working fine.
I need the cognitoIdentityId in Lambda.
Tried Body Template Mapping in Integration Request in API Gateway
Content type - application/json
{
"cognito-identity" : "$context.identity.cognitoIdentityId"
}
It doesn't send the identityid (in event or in context) and also it transforms my payload only to this json.
How to get the identityid in Lambda in this scenario with my payload intact?
回答1:
The Cognito Identity Id will only be available if you use Cognito Identity Credentials. If you want to get information about the Cognito User Pool user authorized via an athorizer, it will be available in the context.authorizer.claims map.
See this documentation for more details.
Also, if you want this value to be available in your Lambda function, it will be in the event.requestContext.authorizer.claims map (if you are using Lambda proxy integration), or wherever you've chosen to map it with your mapping template (if you are not using proxy integration).
Edited to fix typo.
回答2:
CognitoIdentityId comes from the Federated Identity Pool. If you want an identityId then you have to create an Identity Pool in AWS Cognito Federated Identities with your AWS Cognito User Pool. Click here
Then you need to authenticate your UserPool user which will return you the JWT Tokens (IdToken, AccessToken and RefreshToken). Using this IdToken you can call the GetId method of Cognito Federated Identities API to obtain the IdentityId.
来源:https://stackoverflow.com/questions/43303797/api-gateway-with-cognito-user-pool-authorizer-and-lambda