Amazon API Gateway Now Supports Enhanced Request Authorizers
You can now pass information to your Amazon API Gateway custom authorizers via request parameters including headers, paths, query strings, stage variables, or context variables. An API Gateway custom authorizer is an AWS Lambda function that you provide to control access to your APIs using bearer token authentication strategies, such as OAuth or SAML.
Previously, you can only pass one authorization token defined in the custom header in the initial client request to the custom authorizer. With Enhanced Request Authorizers, more information is made available to the Lambda authorizer function, allowing you to integrate more complex authorization schemes, such as signature verification and validation of multiple headers.
This feature is now available in US East (N. Virginia), US East (Ohio), US West (Oregon), US West (N. California), Canada (Central), South America (São Paulo), EU (Ireland), EU (Frankfurt), EU (London), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Seoul), and Asia Pacific (Mumbai) AWS regions. Visit our documentation to learn more about this feature. Visit our product page for more information about Amazon API Gateway.