create_authorizer

create_authorizer(**kwargs)

Creates an authorizer.

Requires permission to access the CreateAuthorizer action.

See also: AWS API Documentation

Request Syntax

response = client.create_authorizer(
    authorizerName='string',
    authorizerFunctionArn='string',
    tokenKeyName='string',
    tokenSigningPublicKeys={
        'string': 'string'
    },
    status='ACTIVE'|'INACTIVE',
    tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    signingDisabled=True|False,
    enableCachingForHttp=True|False
)
Parameters
  • authorizerName (string) --

    [REQUIRED]

    The authorizer name.

  • authorizerFunctionArn (string) --

    [REQUIRED]

    The ARN of the authorizer's Lambda function.

  • tokenKeyName (string) -- The name of the token key used to extract the token from the HTTP headers.
  • tokenSigningPublicKeys (dict) --

    The public keys used to verify the digital signature returned by your custom authentication service.

    • (string) --
      • (string) --
  • status (string) -- The status of the create authorizer request.
  • tags (list) --

    Metadata which can be used to manage the custom authorizer.

    Note

    For URI Request parameters use format: ...key1=value1&key2=value2...

    For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

    For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

    • (dict) --

      A set of key/value pairs that are used to manage the resource.

      • Key (string) -- [REQUIRED]

        The tag's key.

      • Value (string) --

        The tag's value.

  • signingDisabled (boolean) -- Specifies whether IoT validates the token signature in an authorization request.
  • enableCachingForHttp (boolean) --

    When true , the result from the authorizer’s Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds . This value does not affect authorization of clients that use MQTT connections.

    The default value is false .

Return type

dict

Returns

Response Syntax

{
    'authorizerName': 'string',
    'authorizerArn': 'string'
}

Response Structure

  • (dict) --

    • authorizerName (string) --

      The authorizer's name.

    • authorizerArn (string) --

      The authorizer ARN.

Exceptions

  • IoT.Client.exceptions.ResourceAlreadyExistsException
  • IoT.Client.exceptions.InvalidRequestException
  • IoT.Client.exceptions.LimitExceededException
  • IoT.Client.exceptions.ThrottlingException
  • IoT.Client.exceptions.UnauthorizedException
  • IoT.Client.exceptions.ServiceUnavailableException
  • IoT.Client.exceptions.InternalFailureException