API Gateway: Token Authorizer vs Request Authorizer (in 20 seconds)

This is a Quick & Simple post on the difference between the TokenAuthorizer and RequestAuthorizer with regards to API Gateway.

Both require a Lambda to do the actual authorization.

The difference?

Token Authorizer looks at a specific header. Typically, it’ll be the Api-Key header that your Lambda will care about.

Request Authorizer looks at the whole request. With this, you can look at all the headers and other properties as…

--

Technical Instructor and Software Engineer.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store