Securing AWS HTTP APIs with JWT Authorizers

jakey699 · August 23, 2020, 11:00pm

This is for a Lambda HTTPS authorizer.

konrad.sopala · August 24, 2020, 8:21am

Thanks for reporting that @jakey699! The Content Team will address that soon

dan-auth0 · September 7, 2020, 5:34pm

Howdy, Jake! Thank you for joining the Auth0 community. I apologize for the delayed response. Our team has been at limited capacity during these times.

To better assist you, could you please provide us with reproduction steps to get to the issue. Did you do anything different from what’s outlined in the blog post?

Thank you

jakey699 · September 8, 2020, 6:00pm

Hi Dan,

I already had my own function which was operating normally without authorisation, so I started at creating a HTTPS endpoint to the Lambda function and going on from there. I didn’t deviate from the instructions.

I’ve since had to create my own custom authoriser to get around whatever was causing the issue - though it’d be great to not have it as it only increases execution time.

Cheers,

Jake

eric.zaporzan · October 11, 2020, 5:12pm

Hey folks, just in case it helps someone, I was hitting the same error as @jakey699 and it was because in the “Issuer URL” field in the API Gateway V2 console, the URL must include a trailing slash. So instead of “https://whatever.us.auth0.com” it needed to be "“https://whatever.us.auth0.com/”. Pretty subtle change, spent way too much time trying to figure out the problem

mannieschumpert · October 13, 2020, 1:42pm

Thanks Eric! That’s just what I needed to know.

mannieschumpert · October 13, 2020, 5:24pm

This was not hard to get set up!

However, I’m trying to access authenticated user data, and am currently flummoxed by the way app_metadata is returned. It’s being returned as a string with this format:
map[key1:value1 key2:value2], and is not easily parse-able, as there are no commas, and spaces can be in values and between them.

Is there a known method for parsing this format to an object?

UPDATE: Never mind. I just had to re-decode the token to get the data in a usable format.

konrad.sopala · October 14, 2020, 12:46pm

Glad you have it figured out!

hurrikaani56 · April 5, 2021, 3:53pm

Thanks Eric! This was the thing, I was missing the trailing slash and was getting exactly the same error message.

konrad.sopala · April 6, 2021, 11:59am

Glad you have it working now!

jammo · April 27, 2021, 12:49pm

Exactly the same problem with “401: unauthorized” when trying to post with a token to add new records. Ended up not having a trailing “/” on the Issuer URL. I checked the tutorial which has this there, but perhaps highlight it too for future readers.

NOTE: Ensure you have the trailing “/” at the end

Many thanks, fantastic tutorial
Jammo

konrad.sopala · April 28, 2021, 3:00pm

Thanks for sharing it with the rest of community!

jayanthi · July 2, 2021, 9:06am

I have provided JWT Issuer and Audience as per the instructions in Securing AWS HTTP APIs with JWT Authorizers.
But Still not working.
In Issuer URL also i have provided / at the last. still no luck

jayanthi · July 2, 2021, 9:08am

I have provided JWT Issuer and Audience as per the instructions in Securing AWS HTTP APIs with JWT Authorizers.
But Still not working.
In Issuer URL also i have provided / at the last. still no luck

konrad.sopala · July 2, 2021, 9:08am

Tagging you @dan-auth0 for visibility

wguerram · November 16, 2021, 3:50am

John great post, I’m using NestJS, could you help me with getting req.user populated with the user information?

Usually passport would fill that information or is it avaible some other way?

konrad.sopala · November 16, 2021, 9:52am

Hey there @Auth0-Content-Team! Can anybody look into that? Thank you!

jghaines · April 19, 2024, 8:11am

I’d love to see this article include some references for sample client applications. Specifically using the Auth0 client APIs to obtain and pass JWTs to the this AWS HTTP API.