• Public
  • Public/Protected
  • All

Namespace JwtAuthenticationPolicy

Validate a JWT token present in the header or query parameter. A valid policy must specify either tokenHeader or tokenQueryParam.



audiences: Array<string>

The list of intended recipients for the token.

Optional isAnonymousAccessAllowed

isAnonymousAccessAllowed: undefined | false | true

Whether an unauthenticated user may access the API. Must be "true" to enable ANONYMOUS route authorization.


issuers: Array<string>

A list of parties that could have issued the token.

Optional maxClockSkewInSeconds

maxClockSkewInSeconds: undefined | number

The maximum expected time difference between the system clocks of the token issuer and the API Gateway. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.


Optional tokenAuthScheme

tokenAuthScheme: undefined | string

The authentication scheme that is to be used when authenticating the token. This must to be provided if "tokenHeader" is specified.

Optional tokenHeader

tokenHeader: undefined | string

The name of the header containing the authentication token.

Optional tokenQueryParam

tokenQueryParam: undefined | string

The name of the query parameter containing the authentication token.

Const type

type: string = "JWT_AUTHENTICATION"

Optional verifyClaims

verifyClaims: Array<JsonWebTokenClaim>

A list of claims which should be validated to consider the token valid.