I have been trying to follow this article, "Secure AWS API Gateway Endpoints Using Custom Authorizers", which is out of date, both due to complete overhauls on AWS's side and changes on Auth0's side, to integrate Auth0 with my AWS back end for a Flutter application.
What I am trying to do is this: when a user logs in, their Auth0 roles are passed to the application. Those roles enable or disable access to certain features. Certain actions allow the user to send information to an AWS REST API endpoint which corresponds to a Lambda function. We want to make our endpoints as secure as possible, so we want to use the user authorization token to verify users when they make the request. The Lambda function's custom authorizer should use the Auth0 token to determine if the user has proper access. Now, I am not sure if this is the way to do it, and I would greatly appreciate any insight into how to properly set this up, especially if I am thinking about it incorrectly.
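
A sketch of the authorizer check the question describes, as an added example that is not part of the original post or the linked article: it verifies an RS256 token's signature, issuer, audience and expiry, then maps a roles claim to an Allow or Deny policy for the requested method. The issuer, audience, role name, the namespaced roles claim and the `AUTH0_PUBLIC_KEY_PEM` variable are assumptions; in a deployment the key would be the tenant signing key published in its JWKS, and the roles claim would have to be added to the token on the Auth0 side.

```javascript
// Added example: Lambda TOKEN authorizer logic using only Node's built-in crypto.
const crypto = require('crypto');

// Assumed placeholders (not from the post): issuer, audience, roles claim, role name.
const ISSUER = 'https://example-tenant.auth0.com/';
const AUDIENCE = 'https://api.example.com';
const ROLES_CLAIM = 'https://example.com/roles';
const REQUIRED_ROLE = 'editor';

const b64uJson = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Verify an RS256 JWT against a trusted public key; throws on any failure.
function verifyJwt(token, publicKey, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  // Pin the algorithm so the token header cannot select "none" or HS256.
  if (b64uJson(h).alg !== 'RS256') throw new Error('unexpected alg');
  const sig = Buffer.from(s, 'base64url');
  if (!crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), publicKey, sig)) {
    throw new Error('bad signature');
  }
  const claims = b64uJson(p);
  if (claims.iss !== ISSUER) throw new Error('wrong issuer');
  if (![].concat(claims.aud).includes(AUDIENCE)) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  return claims;
}

// Build the IAM policy document API Gateway expects back from an authorizer.
function policy(principalId, effect, resource) {
  const Statement = [{ Action: 'execute-api:Invoke', Effect: effect, Resource: resource }];
  return { principalId, policyDocument: { Version: '2012-10-17', Statement } };
}

// Allow only a valid token that carries the required role; everything else is Deny.
function authorize(event, publicKey, now) {
  try {
    const token = String(event.authorizationToken || '').replace(/^Bearer\s+/i, '');
    const claims = verifyJwt(token, publicKey, now);
    const roles = Array.isArray(claims[ROLES_CLAIM]) ? claims[ROLES_CLAIM] : [];
    const effect = roles.includes(REQUIRED_ROLE) ? 'Allow' : 'Deny';
    return policy(String(claims.sub), effect, event.methodArn);
  } catch (err) {
    return policy('anonymous', 'Deny', event.methodArn);
  }
}

// Lambda entry point; AUTH0_PUBLIC_KEY_PEM is a hypothetical variable holding the signing key.
exports.handler = async (event) => authorize(event, process.env.AUTH0_PUBLIC_KEY_PEM);
```

The role check in the Flutter client only hides features; the decision that protects the endpoint is the one made here, on the server side, from the verified token.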