AWS AppSync Now Supports Configuring Multiple Authorization Types for GraphQL APIs
AWS AppSync is a managed GraphQL service that simplifies application development by letting you create a flexible API to securely access, manipulate, and combine data from one or more data sources. With today’s launch, AWS AppSync now supports configuring more than one authorization type simultaneously for GraphQL APIs.
You can configure a single GraphQL API to deliver private and public data. You can also configure a single GraphQL API to deliver private data using more than one authorization type. For example, you can configure your GraphQL API to authorize some schema fields using OpenID Connect (OIDC), while authorizing other schema fields through Amazon Cognito User Pools and/or AWS Identity and Access Management (IAM).
AWS AppSync supports configuring additional authorization types while retaining the authorization settings of your existing GraphQL APIs. To ensure that there are no behavioral changes in your existing GraphQL APIs, we have set your current authorization settings as the default. You can add additional authorization types using the AWS AppSync Console, CLI, and CloudFormation templates. We have also updated the AWS AppSync client SDKs for Android, iOS, and JavaScript and the Amplify CLI to support multiple authorization types.
To learn more, see the release blog post and the AWS AppSync web page.