AppSync: support for OPENID_CONNECT authorization type
See original GitHub issueCurrently it is not possible to configure the OPENID_CONNECT authentication method with the GraphQLApi object.
Proposed Solution
Currently this is only possible with the primitive Cfn objects. This means that it makes configuring subsequent schemas, datasources and resolvers more complex as they too need to use the primitive Cfn objects. Below is an example of achieving this using the primitive Cfn objects. I believe the addition needs to be made in a similar way to this https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-appsync/lib/graphqlapi.ts#L31.
Cfn implementation
auth_config = aws_appsync.CfnGraphQLApi.OpenIDConnectConfigProperty(
issuer="https://openid_privider.company.com/"
)
api = aws_appsync.CfnGraphQLApi(
self,
id="api",
name="api",
log_config=aws_appsync.CfnGraphQLApi.LogConfigProperty(
exclude_verbose_content=False,
cloud_watch_logs_role_arn=log_role.role_arn,
field_log_level="ALL",
),
open_id_connect_config=auth_config,
authentication_type="OPENID_CONNECT",
)
- 👋 I may be able to implement this feature request
- ⚠️ This feature might incur a breaking change
This is a 🚀 Feature Request
Issue Analytics
- State:
- Created 3 years ago
- Reactions:1
- Comments:5 (1 by maintainers)
Top Results From Across the Web
Authorization and authentication - AWS AppSync
This authorization type enforces OpenID connect (OIDC) tokens provided by an OIDC-compliant service. Your application can leverage users and privileges defined ...
Read more >How to configure Auth0 with AWS AppSync
AppSync supports multiple types of authorization providers, and one of them is OpenID Connect. It is an open standard and many user ...
Read more >Authenticating an AWS AppSync GraphQL API with Auth0
In this tutorial, we'll walk through how to implement OIDC authentication for your AWS AppSync endpoint using Auth0 as the authentication ...
Read more >Support for OpenID Connect auth type? · Issue #122 - GitHub
Hello! I've noticed that OPENID_CONNECT doesn't appear to be a supported auth type within the appsync client: image. (source: https ...
Read more >How developers can authenticate and authorize users with ...
AWS AppSync offers authentication and authorization options that provide a lot of flexibility. The AWS AppSync team is constantly evolving the ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I’ve already implemented it. Have a look at the pull request: https://github.com/aws/aws-cdk/pull/7878
also needed here ! Thanks for the PR