Posted On: Feb 11, 2016

Amazon API Gateway now supports custom request authorizers allowing you to implement various authorization strategies (e.g., JSON Web token verification) to secure your APIs. Custom request authorizers are implemented as AWS Lambda functions that run code for your authorization strategy implementation. 

When a request comes into API Gateway, the custom authorizer will receive an authorization token from the client and return an IAM policy if the client is authorized. The returned IAM policy can be cached and used to authorize future API calls with the same token. Please read our documentation to learn more about custom request authorizers. 

Please visit our product page for more information about Amazon API Gateway.