AWS API Gateway JWT Check
Hey all, this might be a very beginner question. I am looking to validate the JWT on incoming requests in my AWS API Gateway. If I can avoid using a lambda that would be good as it's one less managed service to worry about. The screenshot I provided is what I need to fill in to do a third-party JWT verification on API Gateway. Is this possible with Kinde? If so, can someone please recommend the documentation page and/or where within the Kinde UI I can find what to enter. Thanks 🙏
6 Replies
Hey @theAiGuy,
We don't classify any questions as beginner questions. They may be beginner to one person and an expert question to someone else.
You can use Kinde to validate JWTs for incoming requests in your AWS API Gateway. Kinde supports JWT verification, which you can configure to work with AWS API Gateway.
Here’s how you can find the necessary information to fill in the AWS API Gateway fields:
1. Name: This is a label for your identity provider configuration in AWS API Gateway. You can name it something like "KindeJWTVerification".
2. Identity Source: This typically refers to the location in the request where the JWT token will be found. Commonly, it is set to $request.header.Authorization.
3. Issuer URL: This is the URL of the server that issued the JWT. You can find this in your Kinde dashboard under the settings for your specific application.
4. Audience: This is intended to ensure that the JWT was intended to be given to your API. You set this in Kinde when you register your API. It will be part of the JWT’s aud claim.
If you need further assistance, feel free to reach out!
@Oli - Kinde thanks so much for that! I appreciate it. I just had a look in my token and currently I'm receiving "aud": [],
Can I update the audience after the API has been registered?
@Oli - Kinde I figured it out, thanks for your help anyway 🙂
In the UI I wasn't adding the aud to the provider.
Great to hear you figured it out!
Please don't hesitate to reach out if you have any other questions.
Correct me if I understand incorrectly. In this way, we don't need to run any lambda function to validate the request. We can simply validate with this approach and then forward the request to the desired service?
Yes, that's correct! By using Kinde for JWT validation in AWS API Gateway, you can validate the JWT directly without needing to run a Lambda function.
It's great. Thank you 🙂
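An added example, not part of the thread and not Kinde's or AWS's own code: a pre-flight check that decodes a token's claims and reports why the Issuer URL and Audience values entered in the authorizer would reject it, including the empty "aud": [] case from the thread. It does not verify the signature (the gateway does that against the issuer's published keys); the issuer URL, audience and sample tokens are constructed placeholders.

```python
import base64, json, time

def b64url_decode(part):
    # JWT segments are unpadded base64url; restore padding before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def read_claims(token):
    """Decode the payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    return json.loads(b64url_decode(parts[1]))

def authorizer_precheck(token, issuer, audiences, now=None):
    """List the reasons the token's claims would fail the configured authorizer."""
    now = time.time() if now is None else now
    claims = read_claims(token)
    problems = []
    if claims.get("iss") != issuer:  # exact string match, trailing slash included
        problems.append("iss %r does not match configured issuer %r" % (claims.get("iss"), issuer))
    aud = claims.get("aud", [])
    aud = [aud] if isinstance(aud, str) else list(aud)  # aud may be a string or a list
    if not aud:
        problems.append("aud is empty: no audience was issued into the token")
    elif not set(aud) & set(audiences):
        problems.append("aud %r has no entry in configured audiences %r" % (aud, audiences))
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("token is expired or has no exp claim")
    return problems

def make_sample(claims):
    # Constructed, unsigned sample token for the demo (placeholder signature segment).
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2ln"])

ISSUER = "https://example.kinde.com"   # assumption: placeholder issuer URL
AUDIENCE = "https://api.example.com"   # assumption: placeholder API audience

if __name__ == "__main__":
    base = {"iss": ISSUER, "exp": int(time.time()) + 3600}
    for aud in ([], [AUDIENCE]):
        token = make_sample(dict(base, aud=aud))
        print(aud, "->", authorizer_precheck(token, ISSUER, [AUDIENCE]) or "claims OK")
```

Run it against a token copied from a real login to see which field in the authorizer form disagrees with what the identity provider is issuing.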