Support for multi-argument authorizer functions and access tokens
- Services: API Gateway
- Release Date: September 14, 2022
You can now use multi-argument authorizer functions for authentication and authorization. A multi-argument authorizer function accepts a user-defined, multi-argument access token comprising one or more elements of a request.
Using a multi-argument (rather than a single-argument) authorizer function enables an API gateway to perform finer-grained, request-based authentication. A multi-argument authorizer function can query decision services and policy agents with attributes from the access token and with other request elements such as query parameters, hostname, and subdomain.
For more information, see Using Authorizer Functions to Add Authentication and Authorization to API Deployments.