Securing AWS API Gateway so only logged in users can access the API

Hey all,

I’ve finally come to my wits end after nearly spending a week on trying to achieve this, I’ve found so many different tutorials and I believe I’ve gone around and around in circles and getting confused now as to what I need to pass in as the authorizationToken (access or idToken) (for example).

So does anyone have any good tutorials on how to secure an AWS API Gateway using auth0 so only logged in users can access it?

I’m using the serverless framework and javascript if that helps.