By default, calling API Gateway does not require authorization. You can add authorization to your API with API Gateway authorizers and authorization types. There are several authorization types available:
- NONE - open access
- AWS_IAM - use AWS IAM permissions
- CUSTOM - custom authorizer
- COGNITO_USER_POOLS - Cognito User Pool
The complete list of authorization types is available in the AWS API Gateway docs.
You can enable authorization application-wide with
Jets.application.configure do config.api.authorization_type = :aws_iam end
This will require a caller to authenticate using IAM before being able to access the endpoint.
You can enable controller-wide authorization also. Example:
class PostsController < ApplicationController authorization_type :aws_iam end
All PostsController actions will be using
You can also enable authorization on a per-route basis with the
Jets.application.routes.draw do get "posts", to: "posts#index", authorization_type: :aws_iam end
Inferred Authorization Type
When using Jets Authorizers, Jets will infer the right
COGNITO_USER_POOLS types. So it is recommended to only set authorization_type when you’re using other types like
Pro tip: Use the <- and -> arrow keys to move back and forward.