Skip to content

Auth AWS

AWS authorization

To get the value of request header x-aws-authorization, use g.req.auth.authAWS.

const aws_auth = g.req.auth.authAWS;

Secret file sample object

    "authTokenType": "AWS",
    "authTokenAWS": {
        "cognitoUserPoolId": "POOL_ID",
        "region": "YOUR_REGION",
        "tokenExpiration": 200,
        "tokenUse": "access",
        "sourceFieldOfUniqueId": "__TOKEN_OBJECT_FIELD_NAME__",
        "groupsDataSource": {
            "instance": "INSTANCE_NAME",
            "database": "DATABASE_NAME",
            "table": "COLLECTION_NAME",
            "targetFieldForUniqueId": "UNIQUE_COLUMN_NAME",
            "groupsColumn": "COMMA_SEPARATED_GROUPS",
            "select": {
                "COLUMN_NAME1": 1,
                "COLUMN_NAME2": 1
  • You will get 'cognitoUserPoolId', 'region' data are from the AWS.
  • The 'sourceFieldOfUniqueId' is the field name which you will get after opening AWS token, mostly it holds user email address.
  • Provide the groups name comma separated in the 'groupsColumn' field and provide the 'instance', 'database', 'table' from which that 'groupsColumn' exist.
  • The 'targetFieldForUniqueId' is your database field which contains the exact same value as the 'sourceFieldOfUniqueId' has.
  • In 'select' you can define the column name which you want to get in the response.