CreateAuthorizer
Creates an authorizer.
Requires permission to access the CreateAuthorizer action.
Request Syntax
POST /authorizer/authorizerName HTTP/1.1
Content-type: application/json
{
"authorizerFunctionArn": "string",
"enableCachingForHttp": boolean,
"signingDisabled": boolean,
"status": "string",
"tags": [
{
"Key": "string",
"Value": "string"
}
],
"tokenKeyName": "string",
"tokenSigningPublicKeys": {
"string" : "string"
}
}URI Request Parameters
The request uses the following URI parameters.
-
The authorizer name.
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\w=,@-]+Required: Yes
Request Body
The request accepts the following data in JSON format.
-
The ARN of the authorizer's Lambda function.
Type: String
Length Constraints: Maximum length of 2048.
Pattern:
[\s\S]*Required: Yes
- enableCachingForHttp
-
When
true, the result from the authorizer’s Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function inrefreshAfterInSeconds. This value does not affect authorization of clients that use MQTT connections.The default value is
false.Type: Boolean
Required: No
- signingDisabled
-
Specifies whether Amazon IoT validates the token signature in an authorization request.
Type: Boolean
Required: No
- status
-
The status of the create authorizer request.
Type: String
Valid Values:
ACTIVE | INACTIVERequired: No
-
Metadata which can be used to manage the custom authorizer.
Note
For URI Request parameters use format: ...key1=value1&key2=value2...
For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."
For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."
Type: Array of Tag objects
Required: No
- tokenKeyName
-
The name of the token key used to extract the token from the HTTP headers.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z0-9_-]+Required: No
- tokenSigningPublicKeys
-
The public keys used to verify the digital signature returned by your custom authentication service.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Key Pattern:
[a-zA-Z0-9:_-]+Value Length Constraints: Maximum length of 5120.
Value Pattern:
[\s\S]*Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"authorizerArn": "string",
"authorizerName": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
-
The authorizer ARN.
Type: String
Length Constraints: Maximum length of 2048.
-
The authorizer's name.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\w=,@-]+
Errors
- InternalFailureException
-
An unexpected error has occurred.
- message
-
The message for the exception.
HTTP Status Code: 500
- InvalidRequestException
-
The request is not valid.
- message
-
The message for the exception.
HTTP Status Code: 400
- LimitExceededException
-
A limit has been exceeded.
- message
-
The message for the exception.
HTTP Status Code: 410
- ResourceAlreadyExistsException
-
The resource already exists.
- message
-
The message for the exception.
- resourceArn
-
The ARN of the resource that caused the exception.
- resourceId
-
The ID of the resource that caused the exception.
HTTP Status Code: 409
- ServiceUnavailableException
-
The service is temporarily unavailable.
- message
-
The message for the exception.
HTTP Status Code: 503
- ThrottlingException
-
The rate exceeds the limit.
- message
-
The message for the exception.
HTTP Status Code: 400
- UnauthorizedException
-
You are not authorized to perform this operation.
- message
-
The message for the exception.
HTTP Status Code: 401
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: