Custom authentication and authorization - Amazon IoT Core
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Custom authentication and authorization

Amazon IoT Core lets you define custom authorizers so that you can manage your own client authentication and authorization. This is useful when you need to use authentication mechanisms other than the ones that Amazon IoT Core natively supports. (For more information about the natively supported mechanisms, see Client authentication). 

For example, if you are migrating existing devices in the field to Amazon IoT Core and these devices use a custom bearer token or MQTT user name and password to authenticate, you can migrate them to Amazon IoT Core without having to provision new identities for them. You can use custom authentication with any of the communication protocols that Amazon IoT Core supports. For more information about the protocols that Amazon IoT Core supports, see Device communication protocols.