Tests a custom authorization behavior by invoking a specified custom authorizer. Use this to test and debug the custom authorization behavior of devices that connect to the AWS IoT device gateway.
Requires permission to access the TestInvokeAuthorizer action.
Request Syntax
POST /authorizer/authorizerName/test HTTP/1.1
Content-type: application/json
{
"httpContext": {
"headers": {
"string" : "string"
},
"queryString": "string"
},
"mqttContext": {
"clientId": "string",
"password": blob,
"username": "string"
},
"tlsContext": {
"serverName": "string"
},
"token": "string",
"tokenSignature": "string"
}URI Request Parameters
The request uses the following URI parameters.
-
The custom authorizer name.
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\w=,@-]+Required: Yes
Request Body
The request accepts the following data in JSON format.
- httpContext
-
Specifies a test HTTP authorization request.
Type: HttpContext object
Required: No
- mqttContext
-
Specifies a test MQTT authorization request.
Type: MqttContext object
Required: No
- tlsContext
-
Specifies a test TLS authorization request.
Type: TlsContext object
Required: No
- token
-
The token returned by your custom authentication service.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 6144.
Pattern:
[\s\S]*Required: No
- tokenSignature
-
The signature made with the token and your custom authentication service's private key. This value must be Base-64-encoded.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 2560.
Pattern:
[A-Za-z0-9+/]+={0,2}Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"disconnectAfterInSeconds": number,
"isAuthenticated": boolean,
"policyDocuments": [ "string" ],
"principalId": "string",
"refreshAfterInSeconds": number
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- disconnectAfterInSeconds
-
The number of seconds after which the connection is terminated.
Type: Integer
- isAuthenticated
-
True if the token is authenticated, otherwise false.
Type: Boolean
- policyDocuments
-
IAM policy documents.
Type: Array of strings
Length Constraints: Minimum length of 0. Maximum length of 404600.
Pattern:
[\s\S]* - principalId
-
The principal ID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z0-9]+ - refreshAfterInSeconds
-
The number of seconds after which the temporary credentials are refreshed.
Type: Integer
Errors
- InternalFailureException
-
An unexpected error has occurred.
HTTP Status Code: 500
- InvalidRequestException
-
The request is not valid.
HTTP Status Code: 400
- InvalidResponseException
-
The response is invalid.
HTTP Status Code: 400
- ResourceNotFoundException
-
The specified resource does not exist.
HTTP Status Code: 404
- ServiceUnavailableException
-
The service is temporarily unavailable.
HTTP Status Code: 503
- ThrottlingException
-
The rate exceeds the limit.
HTTP Status Code: 400
- UnauthorizedException
-
You are not authorized to perform this operation.
HTTP Status Code: 401
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
