AWS JWT Authorizer

Hi,

We’re building a GraphQL interface in AWS with API Gateway in front of it. The Gateway is proxying the GraphQL as an HTTP resource. We wish to perform JWT authorization and the Okta documentation details building an AWS Lambda function to perform the JWT authorization; however, AWS has fairly recently added its own JWT authorizer, which requires no code. Has anyone gone down this path? The AWS JWT authorizer seems to be rejecting the tokens because the nbf claim is missing.

Hi Nigel. If the hangup is on that nbf claim then I’m not sure there will be a solution. Okta does not support the nbf claim. You can use this to create tokens before they are actually valid. Our tokens are always valid as soon as they are created.

Thanks for the response Cale. Here’s the documentation from AWS that I was referring to:

https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html

It’s not clear on what it means by validating the token claims or what it does if they don’t exist.
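
Added example (not part of the thread, and not AWS or Okta code): a local check that decodes a token's payload without verifying its signature and reports whether exp, nbf and iat are absent or fail a time comparison, so a rejected token can be inspected before changing the authorizer setup. The sample token, issuer URL and key id are constructed, and the function names are hypothetical.

```python
import base64
import json
import time


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_unverified(token: str):
    """Return (header, payload) as dicts. The signature is NOT checked."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWS with three segments")
    header, payload = (json.loads(b64url_decode(p)) for p in parts[:2])
    return header, payload


def time_claim_report(payload: dict, now=None) -> dict:
    """Classify exp, nbf and iat as 'absent', 'malformed', 'ok' or a failure."""
    now = time.time() if now is None else now
    report = {}
    for name in ("exp", "nbf", "iat"):
        value = payload.get(name)
        if value is None:
            report[name] = "absent"  # reported only; no accept/reject decision
        elif isinstance(value, bool) or not isinstance(value, (int, float)):
            report[name] = "malformed"
        elif name == "exp":
            report[name] = "ok" if value > now else "expired"
        else:
            report[name] = "ok" if value <= now else "in the future"
    return report


def b64url_encode(obj) -> str:
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample token (no real issuer): carries iat and exp, but no nbf.
SAMPLE_NOW = 1_700_000_000
SAMPLE_TOKEN = ".".join([
    b64url_encode({"alg": "RS256", "kid": "sample-key"}),
    b64url_encode({"iss": "https://issuer.example/oauth2/default",
                   "aud": "api://default", "iat": SAMPLE_NOW - 60,
                   "exp": SAMPLE_NOW + 3600}),
    "c2lnbmF0dXJl",  # placeholder signature, never verified here
])
```

Calling `time_claim_report(decode_unverified(token)[1])` on a real access token shows which time claims it carries; the output is for diagnosis only and must not replace signature verification.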