Create Cognito Authorizer

In API Gateway on the left menu click Authorizers , then click + Create New Authorizer input the name as Builder-Class, select Cognito and select your Cognito user pool in the drop down ( this should pre-populate when you click in the input field ).

Additionally add Authorization as the Token Source, ( note the spelling is Authorization ). Finally, click Create

Your new Authorizer is ready, but before we attach this to the API let’s explore the test functionality. Click Test

This will bring up a dialog, this is expecting what we would send to the API in an Authorization header. We will send a Bearer token that was generated earlier in Postman. Leave this dialog open.

Return to Postman and return to the original Tab, Click Auth then click on the Available Tokens combo box, click Manage Tokens.

From here scroll down until you see Token Type Bearer select and copy this token into your clipboard. If you double click the token it will select it all, do this carefully as the token is long. If you have left this idle for too long you may need to click Get New Access Token to retrieve a new token.

Return to the AWS Console and in the input box type Bearer with one space and then paste the token and click test. Your Authorizer works end to end, now lets test this against the actual API.