DVA-C02 · Question #795
A developer is building an application that has an Amazon API Gateway HTTP API that invokes AWS Lambda functions. End users need to authenticate to the application by using an identity provider (IdP)
The correct answer is D. Create a JSON Web Token (JWT) authorizer by using the OIDC configuration. Update the API. API Gateway HTTP APIs support native JWT authorizers that integrate directly with an OIDC- compatible identity provider. By configuring a JWT authorizer with the OIDC issuer and audience and attaching it to the routes, API Gateway performs token validation automatically, requirin
Question
A developer is building an application that has an Amazon API Gateway HTTP API that invokes AWS Lambda functions. End users need to authenticate to the application by using an identity provider (IdP) that is compatible with OpenID Connect (OIDC). The developer must ensure that only authenticated users can access the API routes. Which solution will meet this requirement with the LEAST development effort?
Options
- ACreate a Lambda authorizer to validate an OIDC access token. Update the API routes to use the
- BUpdate the existing Lambda functions to validate an OIDC access token.
- CChange the HTTP API to a REST API. Configure a resource policy on the REST API to trust the
- DCreate a JSON Web Token (JWT) authorizer by using the OIDC configuration. Update the API
How the community answered
(35 responses)- A3% (1)
- B6% (2)
- C9% (3)
- D83% (29)
Explanation
API Gateway HTTP APIs support native JWT authorizers that integrate directly with an OIDC- compatible identity provider. By configuring a JWT authorizer with the OIDC issuer and audience and attaching it to the routes, API Gateway performs token validation automatically, requiring minimal custom code and the least development effort.
Community Discussion
No community discussion yet for this question.