A Lambda authorizer (or custom authorizer) is an API Gateway feature that uses a Lambda function to control access to your API. You can use this to implement a custom authorization scheme.
With this when a request comes in to the API the API Gateway will first call the authorizer and checks if the token is valid and then it returns an IAM policy which either allows or denies the request.
This video guides you step by step on how to create the authorizer and what should be in the actual code. There is also an associated Github repo where you can find the full source code together with an AWS SAM template which you can deploy just by running “sam deploy –guided”. The repo is here: https://github.com/majestic-cloud/api…
There is also an older video in which I show you how to use a Cognito authorizer if you’re interested: https://youtu.be/LI31QxfAgho