API Gateway: Token Authorizer vs Request Authorizer (in 20 seconds)

This is a Quick & Simple post on the difference between the TokenAuthorizer and RequestAuthorizer with regards to API Gateway.

Both require a Lambda to do the actual authorization.

The difference?

Token Authorizer looks at a specific header. Typically, it’ll be the Api-Key header that your Lambda will care about.

Request Authorizer looks at the whole request. With this, you can look at all the headers and other properties as…


Technical Instructor and Software Engineer.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store