Securing AWS HTTP APIs with JWT Authorizers

This is for a Lambda HTTPS authorizer.

1 Like

Thanks for reporting that @jakey699! The Content Team will address that soon

1 Like

Howdy, Jake! Thank you for joining the Auth0 community. I apologize for the delayed response. Our team has been at limited capacity during these times.

To better assist you, could you please provide us with reproduction steps to get to the issue. Did you do anything different from what’s outlined in the blog post?

Thank you :slight_smile:

Hi Dan,

I already had my own function which was operating normally without authorisation, so I started at creating a HTTPS endpoint to the Lambda function and going on from there. I didn’t deviate from the instructions.

I’ve since had to create my own custom authoriser to get around whatever was causing the issue - though it’d be great to not have it as it only increases execution time.



Hey folks, just in case it helps someone, I was hitting the same error as @jakey699 and it was because in the “Issuer URL” field in the API Gateway V2 console, the URL must include a trailing slash. So instead of “” it needed to be "“”. Pretty subtle change, spent way too much time trying to figure out the problem :stuck_out_tongue:


Thanks Eric! That’s just what I needed to know. :+1:

1 Like

This was not hard to get set up! :raised_hands:

However, I’m trying to access authenticated user data, and am currently flummoxed by the way app_metadata is returned. It’s being returned as a string with this format:
map[key1:value1 key2:value2], and is not easily parse-able, as there are no commas, and spaces can be in values and between them. :weary:

Is there a known method for parsing this format to an object?

UPDATE: Never mind. I just had to re-decode the token to get the data in a usable format.

1 Like

Glad you have it figured out!

Thanks Eric! This was the thing, I was missing the trailing slash and was getting exactly the same error message.

1 Like

Glad you have it working now!