TestInvokeAuthorizer - AWS IoT

TestInvokeAuthorizer

Tests a custom authorization behavior by invoking a specified custom authorizer. Use this to test and debug the custom authorization behavior of devices that connect to the AWS IoT device gateway.

Requires permission to access the TestInvokeAuthorizer action.

Request Syntax

POST /authorizer/authorizerName/test HTTP/1.1 Content-type: application/json { "httpContext": { "headers": { "string" : "string" }, "queryString": "string" }, "mqttContext": { "clientId": "string", "password": blob, "username": "string" }, "tlsContext": { "serverName": "string" }, "token": "string", "tokenSignature": "string" }

URI Request Parameters

The request uses the following URI parameters.

authorizerName

The custom authorizer name.

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\w=,@-]+

Required: Yes

Request Body

The request accepts the following data in JSON format.

httpContext

Specifies a test HTTP authorization request.

Type: HttpContext object

Required: No

mqttContext

Specifies a test MQTT authorization request.

Type: MqttContext object

Required: No

tlsContext

Specifies a test TLS authorization request.

Type: TlsContext object

Required: No

token

The token returned by your custom authentication service.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 6144.

Pattern: [\s\S]*

Required: No

tokenSignature

The signature made with the token and your custom authentication service's private key. This value must be Base-64-encoded.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2560.

Pattern: [A-Za-z0-9+/]+={0,2}

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "disconnectAfterInSeconds": number, "isAuthenticated": boolean, "policyDocuments": [ "string" ], "principalId": "string", "refreshAfterInSeconds": number }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

disconnectAfterInSeconds

The number of seconds after which the connection is terminated.

Type: Integer

isAuthenticated

True if the token is authenticated, otherwise false.

Type: Boolean

policyDocuments

IAM policy documents.

Type: Array of strings

Length Constraints: Minimum length of 0. Maximum length of 404600.

Pattern: [\s\S]*

principalId

The principal ID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [a-zA-Z0-9]+

refreshAfterInSeconds

The number of seconds after which the temporary credentials are refreshed.

Type: Integer

Errors

InternalFailureException

An unexpected error has occurred.

HTTP Status Code: 500

InvalidRequestException

The request is not valid.

HTTP Status Code: 400

InvalidResponseException

The response is invalid.

HTTP Status Code: 400

ResourceNotFoundException

The specified resource does not exist.

HTTP Status Code: 404

ServiceUnavailableException

The service is temporarily unavailable.

HTTP Status Code: 503

ThrottlingException

The rate exceeds the limit.

HTTP Status Code: 400

UnauthorizedException

You are not authorized to perform this operation.

HTTP Status Code: 401

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: