CustomJWTAuthorizerConfiguration
Configuration for inbound JWT-based authorization, specifying how incoming requests should be authenticated.
Contents
- discoveryUrl
This URL is used to fetch OpenID Connect configuration or authorization server metadata for validating incoming tokens.
Type: String
Pattern: .+/\.well-known/openid-configuration
Required: Yes
- allowedAudience
Represents individual audience values that are validated in the incoming JWT token validation process.
Type: Array of strings
Array Members: Minimum number of 1 item.
Required: No
- allowedClients
Represents individual client IDs that are validated in the incoming JWT token validation process.
Type: Array of strings
Array Members: Minimum number of 1 item.
Required: No
- allowedScopes
An array of scopes that are allowed to access the token.
Type: Array of strings
Array Members: Minimum number of 1 item.
Length Constraints: Minimum length of 1. Maximum length of 255.
Pattern: [\x21\x23-\x5B\x5D-\x7E]+
Required: No
- customClaims
An array of objects that define a custom claim validation name, value, and operation.
Type: Array of CustomClaimValidationType objects
Array Members: Minimum number of 1 item.
Required: No
- privateEndpoint
The private endpoint configuration for a gateway target. Defines how the gateway connects to private resources in your VPC.
Type: PrivateEndpoint object
Note: This object is a Union. Only one member of this object can be specified or returned.
Required: No
- privateEndpointOverrides
A list of private endpoint overrides for the JWT authorizer. Each override maps a specific domain to a private endpoint, enabling secure connectivity through VPC Lattice resource configurations.
Type: Array of PrivateEndpointOverride objects
Array Members: Minimum number of 0 items. Maximum number of 5 items.
Required: No
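The constraints listed above can be checked before a configuration is submitted. The following is an added example, not AWS code: `lint_authorizer` is a hypothetical helper, the patterns are applied as full matches, the length constraint is treated as per scope string, and the two warnings (non-https discovery URL, no audience or client restriction) are this example's own hygiene checks rather than API constraints.

```python
import re

DISCOVERY_RE = re.compile(r".+/\.well-known/openid-configuration")
SCOPE_RE = re.compile(r"[\x21\x23-\x5B\x5D-\x7E]+")
MIN_ONE = ("allowedAudience", "allowedClients", "allowedScopes", "customClaims")


def lint_authorizer(cfg):
    """Return (errors, warnings) for a CustomJWTAuthorizerConfiguration dict."""
    errors, warnings = [], []
    url = cfg.get("discoveryUrl")
    if not isinstance(url, str) or not DISCOVERY_RE.fullmatch(url):
        errors.append("discoveryUrl: required, must match the documented pattern")
    elif not url.startswith("https://"):
        # Added check: the documented pattern itself also accepts http://.
        warnings.append("discoveryUrl: not https")
    for name in MIN_ONE:
        if name in cfg and (not isinstance(cfg[name], list) or len(cfg[name]) < 1):
            errors.append(f"{name}: array needs at least 1 item when present")
    scopes = cfg.get("allowedScopes")
    for scope in scopes if isinstance(scopes, list) else []:
        if not isinstance(scope, str) or len(scope) > 255 or not SCOPE_RE.fullmatch(scope):
            errors.append(f"allowedScopes: invalid scope {scope!r}")
    overrides = cfg.get("privateEndpointOverrides", [])
    if not isinstance(overrides, list) or len(overrides) > 5:
        errors.append("privateEndpointOverrides: at most 5 items")
    # Added check, not stated on the page: flag a config with no token binding.
    if not cfg.get("allowedAudience") and not cfg.get("allowedClients"):
        warnings.append("no allowedAudience or allowedClients restriction configured")
    return errors, warnings


# Constructed sample configurations (not real endpoints or client IDs).
GOOD = {
    "discoveryUrl": "https://idp.example.com/.well-known/openid-configuration",
    "allowedAudience": ["example-api"],
    "allowedScopes": ["invoke:read"],
}
BAD = {
    "discoveryUrl": "http://idp.example.com/openid-configuration",
    "allowedClients": [],
    "allowedScopes": ["read write", 'a"b'],  # space and double quote are excluded
    "privateEndpointOverrides": [{}] * 6,
}

if __name__ == "__main__":
    for label, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, lint_authorizer(cfg))
```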
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: