Authorization

By default, calling API Gateway does not require authorization. You can add authorization to your API with API Gateway authorization types. There are several authorization types available:

  • NONE - open access
  • AWS_IAM - use AWS IAM permissions
  • CUSTOM - custom authorizer
  • COGNITO_USER_POOLS - Cognito User Pool

The complete list of authorization types is available in the AWS API Gateway docs.

You can also make use of Before Filters to build your own custom authorization system instead of using API Gateway Authorization types.

Application Wide

You can enable authorization application-wide with config/application.rb:

Jets.application.configure do
  config.api.authorization_type = :aws_iam
end

This will require a caller to authenticate using IAM before being able to access the endpoint.

Controller Wide

You can also enable authorization controller-wide. Example:

class PostsController < ApplicationController
  authorization_type :aws_iam
end

All PostsController actions will use AWS_IAM authorization.

Route Specific

You can also enable authorization on a per-route basis with the authorization_type option:

Jets.application.routes.draw do
  get  "posts", to: "posts#index", authorization_type: :aws_iam
end
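
Because the default is open access, it is worth checking which authorization type each deployed method actually received, whichever scope above set it. The following is an added example, not part of the Jets docs: `open_methods` is a hypothetical helper, and the sample JSON is constructed to match the shape of `aws apigateway get-resources --rest-api-id <api-id> --embed methods` output.

```ruby
require "json"

# Constructed sample shaped like the output of
#   aws apigateway get-resources --rest-api-id <api-id> --embed methods
# (ids and paths are made up for this example).
SAMPLE_RESOURCES = <<~JSON
  {
    "items": [
      { "id": "a1", "path": "/" },
      { "id": "b2", "path": "/posts",
        "resourceMethods": {
          "GET":     { "httpMethod": "GET",     "authorizationType": "AWS_IAM" },
          "POST":    { "httpMethod": "POST",    "authorizationType": "NONE" },
          "OPTIONS": { "httpMethod": "OPTIONS", "authorizationType": "NONE" }
        } },
      { "id": "c3", "path": "/admin",
        "resourceMethods": { "GET": {} } }
    ]
  }
JSON

# Returns sorted [path, verb, type] rows for every method that is open (NONE)
# or has no authorizationType recorded (e.g. the listing was fetched without
# embedded methods). OPTIONS is skipped by default because CORS preflight
# requests carry no credentials.
def open_methods(resources_json, ignore_verbs: ["OPTIONS"])
  items = JSON.parse(resources_json).fetch("items", [])
  rows = items.flat_map do |resource|
    (resource["resourceMethods"] || {}).filter_map do |verb, meta|
      next if ignore_verbs.include?(verb)
      type = meta["authorizationType"] || "MISSING"
      [resource["path"], verb, type] if %w[NONE MISSING].include?(type)
    end
  end
  rows.sort
end

# In CI, fail the build when this list is non-empty.
open_methods(SAMPLE_RESOURCES).each do |path, verb, type|
  puts "#{verb.ljust(7)} #{path}  authorizationType=#{type}"
end
```

Routes that are meant to be public can be passed through an allow list before failing the build, so that only unexpected open methods are reported.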
