Authorizer

The authorizer section configures the authorization mechanism. ServerlessAPIGateway currently supports JWT (JSON Web Token) based authorization with HS256 algorithm.

  • type: Type of authorization (e.g., JWT).

  • secret: Secret key for authorization.

  • algorithm: Algorithm used for token validation.

  • audience: Intended audience of the token.

  • issuer: The issuer of the token.

Example

{
    "authorizer": {
        "type": "jwt",
        "secret": "{YOUR_SECRET_KEY}",
        "algorithm": "HS256",
        "audience": "opensourcecommunity",
        "issuer": "serverlessapigw"
    },
}

JWT Error

Serverless API Gateway uses JOSE JWT and error states implemented with its error types. Example response:

{
    "error": "Signature verification failed",
    "code": "ERR_JWS_SIGNATURE_VERIFICATION_FAILED"
}

Error Codes and Responses

JOSEAlgNotAllowed

An error returns when a JOSE Algorithm is not allowed per developer preference.

Response

{
    "error": "Algorithm not allowed",
    "code": "ERR_JOSE_ALG_NOT_ALLOWED"
}

JWEDecryptionFailed

An error returns when a JWE ciphertext decryption fails.

Response

{
    "error": "Decryption failed",
    "code": "ERR_JWE_DECRYPTION_FAILED"
}

JWEInvalid

An error returns when the JWE format is invalid.

Response

{
    "error": "Invalid JWE",
    "code": "ERR_JWE_INVALID"
}

JWTExpired

An error returns when a JWT has expired.

Response

{
    "error": "Token has expired.",
    "code": "ERR_JWT_EXPIRED"
}

JWTClaimValidationFailed

An error returns when validation of a JWT claim fails.

Response

{
    "error": "JWT claim validation failed",
    "code": "ERR_JWT_CLAIM_VALIDATION_FAILED"
}

JWTInvalid

An error returns when the JWT is invalid.

Response

{
    "error": "Invalid JWT",
    "code": "ERR_JWT_INVALID"
}

JWKSNoMatchingKey

An error returns when no matching key is found in the JWKS.

Response

{
    "error": "No matching key found in JWKS.",
    "code": "ERR_JWKS_NO_MATCHING_KEY"
}

JWKSInvalid

An error returns when the JWKS is invalid.

Response

{
    "error": "Invalid JWKS",
    "code": "ERR_JWKS_INVALID"
}

JWKSMultipleMatchingKeys

An error returns when multiple matching keys are found in the JWKS.

Response

{
    "error": "Multiple matching keys found in JWKS.",
    "code": "ERR_JWKS_MULTIPLE_MATCHING_KEYS"
}

JWSInvalid

An error thrown when the JWS is invalid.

Response

{
    "error": "Invalid JWS",
    "code": "ERR_JWS_INVALID"
}

JWSSignatureVerificationFailed

An error returns when JWS signature verification fails.

Response

{
    "error": "Signature verification failed",
    "code": "ERR_JWS_SIGNATURE_VERIFICATION_FAILED"
}

JWT Verification Failed

An error thrown for any other JWT verification failures not specifically covered by the other errors.

Response

{
    "error": "JWT verification failed",
    "code": "AUTH_ERROR"
}

Last updated